Inner Data Encryption (iOS)

We described our solution to the crypto-asset security problem, a self-generating Master Key for Local Storage Encryption, in several previous posts.

In this article we would like to introduce an implementation of the MK generation idea for the iOS platform.

f1() – Binding MK and installation life-cycle

We need a value that remains unchanged after user manipulations (closing/opening the application, updating the operating system, updating the application).

The unified solution (iOS/Android) for this goal is Instance ID from Google. Instance ID provides a unique identifier for each app instance and a mechanism to authenticate and authorize actions (for example, sending a GCM message). Since Instance ID is suitable for authorizing actions, it can also be used for Master Key generation.

You can find the Instance ID implementation instructions by following this link.

On the iOS platform, this concept is implemented as follows.

CODE:

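// Start the Instance ID service with the default configuration
let instanceIDConfig = GGLInstanceIDConfig.default()
instanceIDConfig?.delegate = self
GGLInstanceID.sharedInstance().start(with: instanceIDConfig)

let iidInstance = GGLInstanceID.sharedInstance()

// Called asynchronously with the Instance ID, or with an error
let handler: (String?, Error?) -> Void = { (identity, error) in
    if let iid = identity {
        self.instanceIDToken = iid
        #if DEBUG
        // The Instance ID feeds the Master Key, so keep it out of release logs
        print("instanceIDToken: \(self.instanceIDToken)")
        #endif

        // Generate the Master Key only once the push token is also available
        DispatchQueue.main.async {
            if !self.devicePushToken.isEmpty {
                self.generateMasterKey()
            }
        }
    } else {
        print("Instance ID error: \(String(describing: error))")
    }
}

iidInstance?.getWithHandler(handler)

f2() – Binding MK and Local Password / Fingerprint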

To provide even higher security for crypto-assets, one can add password/fingerprint protection.

Code will be published here later.

f3() – Binding MK and a specific device

An alphanumeric string that uniquely identifies a device to the app’s vendor is called Identifier for Vendor (IDFV). 

Here is Apple Documentation about identifierForVendor.

The value of this property is the same for apps that come from the same vendor running on the same device. A different value is returned for apps on the same device that come from different vendors, and for apps on different devices regardless of vendor.

CODE:

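    // identifierForVendor can be nil (e.g. after a restart, before the first unlock), so do not force-unwrap
    let idfv = UIDevice.current.identifierForVendor?.uuidString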
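
One way the f1(), f2() and f3() inputs could be combined into a Master Key, shown as an added example that is not the article's own generateMasterKey(). The helper name deriveMasterKey, the error type, the choice of PBKDF2-HMAC-SHA256 and the iteration count are all assumptions; the identifiers are treated as salt rather than as secrets, so the password supplies the entropy.

```swift
import Foundation
import CommonCrypto

enum MasterKeyError: Error { case missingInput, derivationFailed(Int32) }

/// Hypothetical helper (not from the article): derives a 256-bit key from the
/// Instance ID (f1), the local password (f2) and the IDFV (f3).
func deriveMasterKey(instanceID: String?, idfv: String?, password: String,
                     rounds: UInt32 = 600_000) throws -> Data {   // assumed work factor
    // The Instance ID arrives asynchronously and the IDFV may be nil:
    // refuse to derive a key from partial input instead of silently weakening it.
    guard let iid = instanceID, !iid.isEmpty,
          let vendorID = idfv, !vendorID.isEmpty,
          !password.isEmpty else { throw MasterKeyError.missingInput }

    // Both identifiers are readable by the app and are not secret. They bind the
    // key to this installation and device by acting as the salt.
    // Each part is length-prefixed so ("ab", "c") and ("a", "bc") cannot collide.
    var salt = Data()
    for part in [iid, vendorID] {
        let bytes = Data(part.utf8)
        withUnsafeBytes(of: UInt32(bytes.count).bigEndian) { salt.append(contentsOf: $0) }
        salt.append(bytes)
    }

    var key = Data(count: kCCKeySizeAES256)
    let keyLength = key.count
    let saltLength = salt.count
    let status: Int32 = key.withUnsafeMutableBytes { keyPtr in
        salt.withUnsafeBytes { saltPtr in
            CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2),
                                 password, password.utf8.count,
                                 saltPtr.bindMemory(to: UInt8.self).baseAddress, saltLength,
                                 CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256), rounds,
                                 keyPtr.bindMemory(to: UInt8.self).baseAddress, keyLength)
        }
    }
    guard status == Int32(kCCSuccess) else { throw MasterKeyError.derivationFailed(status) }
    return key
}
```

The same inputs always produce the same key, so nothing has to be stored; if the Instance ID or IDFV changes, the derived key changes with it and data encrypted under the old key can no longer be decrypted.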

 

 

 

 
