Reputation: 2652
My iPhone app is using encrypted assets. The decryption key will need to be hardcoded but I'm trying to avoid using a string literal. Is there a good standard algorithm to do this sort of thing?
Assume my key is:
abcdef01-2345-6789-abcd-ef0123456789
Rather than do this:
NSString *key = @"abcdef01-2345-6789-abcd-ef0123456789";
I'd rather do something like this:
-(NSString *)key {
    //TODO: generate abcdef01-2345-6789-abcd-ef0123456789 dynamically
    return generatedKey;
}
Thoughts?
Upvotes: 4
Views: 667
Reputation: 39620
Bad idea. The reason is the same as for hard-coded passwords. You can obfuscate and XOR the final password together from several places, but a capable hacker will monitor the memory of the device and reverse engineer any clever protocol with enough time. That he has if he simply steals the phone. Or he could mount side-channel attacks and measure execution time or power consumption, thereby guessing the key much like safecrackers in movies would - fiddling with keys bit by bit and "listening" for whether they are any closer to their goal.
So you can make it harder, but without a hardware-supported secure storage mechanism (that would protect memory access and obfuscate power consumption, execution time etc. much like smart cards or hardware security modules do) there's no chance to make this secure.
The password needs to stay out-of-band information, separated from the device. Ideally, the user would enter it each time it is needed. Of course that is tedious from a user perspective - but at least it's secure.
Upvotes: 1
Reputation: 15685
One possible method is to use two or three byte arrays such that key[i] = ary1[i] ^ ary2[i] ^ ary3[i]. You should initialise them in three separate places. You don't have to XOR them in the same loop either, two can be XOR'ed first and the third later. It depends how awkward you want to make it for any attacker.
It won't be perfectly secure but it will deter a casual attacker. For a non-casual attacker you will need a crypto expert, which I am not. How much you can pay for a consultant will depend on how much it will cost you if data is stolen.
Oh, and never call your key key[], that is just asking for trouble. :)
Upvotes: 0
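The three-array XOR split from the last answer, written out in C (callable from Objective-C) as an added example that is not code from any of the posters. The function names and KEY_LEN are hypothetical, and the pad bytes are assumed to come from a CSPRNG at build time. As both answers state, this only obfuscates the key, because the recombined bytes still end up in process memory.

```c
#include <stddef.h>
#include <string.h>

#define KEY_LEN 36  /* length of the sample key in the question */

/* Build-time step: derive three shares so that key = a ^ b ^ c.
 * pad1/pad2 are caller-supplied random bytes (assumption: CSPRNG output).
 * Only the shares are compiled into the app, never the key itself. */
void split_key(const unsigned char *key, const unsigned char *pad1,
               const unsigned char *pad2, unsigned char *a,
               unsigned char *b, unsigned char *c, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        a[i] = pad1[i];
        b[i] = pad2[i];
        c[i] = key[i] ^ pad1[i] ^ pad2[i];
    }
}

/* XOR one share into an accumulator buffer. */
void fold(unsigned char *acc, const unsigned char *share, size_t n)
{
    for (size_t i = 0; i < n; i++)
        acc[i] ^= share[i];
}

/* Zero a buffer through a volatile pointer so the stores are not elided. */
void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Run-time step: recombine in two separate passes rather than one loop.
 * Returns 0 on success, -1 if n exceeds the scratch buffer. */
int join_key(const unsigned char *a, const unsigned char *b,
             const unsigned char *c, unsigned char *out, size_t n)
{
    unsigned char tmp[KEY_LEN];
    if (n > sizeof tmp) return -1;
    memcpy(tmp, a, n);
    fold(tmp, b, n);   /* first pass: a ^ b */
    memcpy(out, tmp, n);
    fold(out, c, n);   /* later pass: (a ^ b) ^ c */
    wipe(tmp, n);      /* drop the intermediate value */
    return 0;
}
```

The caller should pass `out` to `wipe` as soon as decryption is finished, so the recombined key stays in memory for as short a time as possible.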