在应用程序安装过程中将加密密钥存储在 Keychain 中

Store an encryption key in Keychain while application installation process(在应用程序安装过程中将加密密钥存储在 Keychain 中)

问题描述

我需要我的应用程序使用客户的电话号码为我的网络服务生成唯一 ID.当然，电话号码是唯一的，但它必须是安全的.所以它可以用对称加密来实现(非对称将在以后，因为资源泄漏)，但我不知道在哪里存储加密密钥.

I need my application to use client's phone-number to generate unique ID for my web-service. Of course a phone-number is unique, but it must be secured. So it can be implemented with symmetric encryption (asymmetric will be later, because leak of resources), but I do not know where to store a encryption-key.

我不知道为什么，但在代码中将键存储为静态字段似乎不好.可能是因为从这里读取它太容易了，即使不运行应用程序.

I do not know why, but seems bad to store a key as a static field in code. May be because it's too easy to read it from here even not running an application.

最好将密钥存储在 Keychain 中并通过请求从此处获取.但是为了避免#1，有必要在安装过程中安装钥匙串.是否可以?该怎么做?

It seems better to store a key in Keychain and get it from here by request. But to avoid #1 it's necessary to install a key to Keychain while installation process. Is it possible? How to do that?

我不知道证书的作用.它们对解决问题有帮助吗?

I do not know what certificates do. Are they helpful to the problem?

从服务器传输密钥也是一个坏主意，因为很容易嗅探它.

To transfer a key from server is also a bad idea, because it's very easy to sniffer it.

推荐答案

解决嗅探问题的方法是通过 HTTPS 为 Web 服务进行通信.NSURLConnection 很容易做到这一点，我所知道的所有 Web 服务引擎都可以毫无问题地处理 HTTPS.这将立即解决您的许多问题.

The way you solve the sniffing problem is that you communicate over HTTPS for your web service. NSURLConnection will do this easily, and all web service engines I know of handle HTTPS without trouble. This will get rid of many of your problems right away.

100-1000x解密瓶颈在哪台机器上?您的服务器是否太忙以至于无法进行异步解密?你应该很少在电话上这样做，以至于它应该是无关紧要的.我不是说 asym 是这里的答案.只是它的性能开销不应该是保护单个字符串的问题，解密一次.

On which machine is the 100-1000x decrypt the bottleneck? Is your server so busy that it can't do an asym decryption? You should be doing this so infrequently on the phone that it should be irrelevant. I'm not saying asym is the answer here; only that its performance overhead shouldn't be the issue for securing a single string, decrypted once.

您的服务需要 SMS 以使所有用户都必须提供他们的电话号码?您是在尝试自动获取电话号码，还是让用户自己输入?通过私有 API(或非私有但未记录的配置数据)自动获取电话号码并将其发送到服务器可能会违反服务条款.这是 Apple 希望保护用户免受其侵害的特定用例.您绝对需要在您的 UI 中非常清楚您正在执行此操作并获得明确的用户许可.

Your service requires SMS such that all users must provide their phone number? Are you trying to automate grabbing the phone number, or do you let the user enter it themselves? Automatically grabbing the phone number through the private APIs (or the non-private but undocumented configuration data) and sending that to a server is likely to run afoul of terms of service. This is a specific use-case Apple wants to protect the user from. You definitely need to be very clear in your UI that you are doing this and get explicit user permission.

我个人的身份验证如下:

Personally I'd authenticate as follows:

• 服务器发送挑战字节
• 客户端发送 UUID、日期和哈希(UUID+challenge+userPassword+obfuscationKey+date).
• 服务器计算相同，确保日期在合法范围内(30-60 秒是好的)并验证.
• 此时，我通常让服务器生成一个长的、稀疏的、随机的会话 ID，客户端可以将其用于此会话"的剩余部分(从接下来的几分钟到下一年的任何时间)，而不是重新进行身份验证在每条消息中.

ObfuscationKey 是您将其硬编码到程序和服务器中的密钥，以使第三方更难创建虚假客户端.这是不可能的，期间，不可能，安全地确保只有您的客户端可以与您的服务器对话.然而，混淆密钥会有所帮助，尤其是在逆向工程更加困难的 iPhone 上.使用 UUID 也有帮助，因为它比电话号码更不为第三方所知.

ObfuscationKey is a secret key you hardcode into your program and server to make it harder for third parties to create bogus clients. It is not possible, period, not possible, to securely ensure that only your client can talk to your server. The obfuscationKey helps, however, especially on iPhone where reverse engineering is more difficult. Using UUID also helps because it is much less known to third-parties than phone number.

请注意其中的userPassword".用户应该使用只有用户知道的东西进行身份验证.UUID 和电话号码都不是这样的东西.

Note "userPassword" in there. The user should authenticate using something only the user knows. Neither the UUID nor the phone number is such a thing.

上面的系统，加上 HTTPS，应该很容易实现(我已经用多种语言做过很多次了)，具有良好的性能，并且对于广泛的适当"来说安全到适当的级别.

The system above, plus HTTPS, should be straightforward to implement (I've done it many times in many languages), have good performance, and be secure to an appropriate level for a broad range of "appropriate."

这篇关于在应用程序安装过程中将加密密钥存储在 Keychain 中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！