I'm trying to find a similar solution to the one provided by the new CoreML Model encryption announced in iOS 14.
I want to be able to download encrypted packages to an app that are then decrypted in memory for usage and are secure against jail breaking and theft. (See my previous question for more details on what I'm working on)
The crux of this problem is how to securely transmit the private key to the app in a way that it can't be spoofed.
I'm assuming that once the app has the key it is safe (even from the user) to store it in the KeyChain?
My question is - is there a way to use CloudKit, or existing iOS frameworks, to achieve this?
I’ve been watching your other thread go by but haven’t chimed in because I’m not familiar with the Core ML side of this. However, this question is something I can address directly:
… secure against jail breaking and theft … is there a way to use CloudKit, or existing iOS frameworks, to achieve this?
No. What you’re trying to build here is a DRM system — you want to give the user some content but control how they use it — and DRM systems always represent an arms race between you and your attackers. As with any arms race, there’s an associated cost and, at some point, the cost of ‘winning’ exceeds the value of the content you’re trying to protect.
I’ve posted about this stuff before (like here and here) and the big picture situation hasn’t really changed. There have been some technical developments (1) but this is largely a business issue not a technical one.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
(1) Most notably, the iOS 14 beta enhancements to the DeviceCheck framework.