What happens when you close a file that uses the iOS Complete Unless Open encryption?

Apple Documentation reports the following:

Complete unless open. Files are encrypted. A closed file is not available when the device is locked. Once the device is unlocked, your application can open and use the file. If the user has a file open and locks the device (for example, by pressing the sleep button), your application can continue accessing the file.

Enabling Storage Technologies

And:

Complete unless open. The file is encrypted. A closed file is not available while the device is locked. After the user unlocks the device, your application can open and use the file. If the user locks the device while the file is open, your application may continue to access it. Specify the NSDataWritingFileProtectionCompleteUnlessOpen parameter (NSData) or the NSFileProtectionCompleteUnlessOpen attribute (NSFileManager).

Protecting data with disk encryption

This seems like a great option, allowing me to finish any remaining work on the file and then close it myself. The documentation does not say what happens to the file when I close it. For example, what happens when:

  • The user opens the application and opens the file in the application
  • The user locks the device (the file remains unprotected because it is open)
  • The application performs the remaining operations with the file
  • The application closes the file

Now that the file is closed, is it protected? Or can it be reopened?

1 answer

It uses public keys to ensure that the file cannot be opened until the device is unlocked.

Complete Unless Open (NSFileProtectionCompleteUnlessOpen): some files may need to be written while the device is locked. A good example is an email application downloading an attachment in the background. This behavior is achieved using asymmetric elliptic curve cryptography (ECDH over Curve25519). Along with the regular per-file key, Data Protection generates a file public/private key pair. A shared secret is computed using the file's private key and the Complete Unless Open class public key, whose corresponding private key is protected by the user's passcode and the device UID. The per-file key is wrapped with a hash of this shared secret and is stored in the file's metadata along with the file's public key; the corresponding private key is then wiped from memory. Once the file is closed, the per-file key is also wiped from memory. To open the file again, the shared secret is re-created using the Complete Unless Open class private key and the file's ephemeral public key; its hash is used to unwrap the per-file key, which is then used to decrypt the file.

from http://images.apple.com/iphone/business/docs/iOS_Security_Oct12.pdf (p. 10)

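As an added illustration of the mechanism the quoted passage describes (not code from the question, the answer or Apple), here is a Go model of the Complete Unless Open key wrapping using X25519 from the standard library's crypto/ecdh. The class key pair and the file's ephemeral pair are constructed here; AES-GCM keyed with SHA-256 of the shared secret is an assumed stand-in for Apple's unspecified wrapping, and WrapFileKey / UnwrapFileKey are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
)

// WrappedFileKey is the per-file metadata: the file's ephemeral public key and the
// per-file key wrapped under hash(ECDH shared secret). The ephemeral private key is never stored.
type WrappedFileKey struct{ EphemeralPub, Nonce, Ciphertext []byte }

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// NewKeyPair generates an X25519 pair (Curve25519 ECDH, as in the quoted text); used for
// the class key (private half available only while unlocked) and for each file's ephemeral pair.
func NewKeyPair() *ecdh.PrivateKey { return must(ecdh.X25519().GenerateKey(rand.Reader)) }

// kek derives the wrapping cipher: AES-GCM keyed with SHA-256(shared) is an assumed construction.
func kek(shared []byte) cipher.AEAD {
	h := sha256.Sum256(shared)
	return must(cipher.NewGCM(must(aes.NewCipher(h[:]))))
}

// WrapFileKey needs only the class PUBLIC key, so it works while the device is locked.
func WrapFileKey(classPub *ecdh.PublicKey, fileKey []byte) *WrappedFileKey {
	eph := NewKeyPair()
	aead := kek(must(eph.ECDH(classPub)))
	nonce := make([]byte, aead.NonceSize())
	must(rand.Read(nonce))
	// eph's private half is dropped on return: once the file is closed, only the class
	// private key can recompute the shared secret from EphemeralPub.
	return &WrappedFileKey{eph.PublicKey().Bytes(), nonce, aead.Seal(nil, nonce, fileKey, nil)}
}

// UnwrapFileKey needs the class PRIVATE key, i.e. an unlocked device; with any other
// key GCM authentication fails and no per-file key is released.
func UnwrapFileKey(classPriv *ecdh.PrivateKey, w *WrappedFileKey) ([]byte, error) {
	ephPub := must(ecdh.X25519().NewPublicKey(w.EphemeralPub))
	return kek(must(classPriv.ECDH(ephPub))).Open(nil, w.Nonce, w.Ciphertext, nil)
}
```

Once WrapFileKey returns, the ephemeral private key is gone, so after the file is closed the per-file key can only come back through UnwrapFileKey with the class private key, which is exactly what unlocking the device makes available.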

Source: https://habr.com/ru/post/943544/
