RSA Implementierung in Objective-C

info

date: 2013-11-04 22:06:53

tags: Objective-C IT security encryption

category: Objective-C

Created by: Stephan Bösebeck

logged in

ADMIN


RSA Implementierung in Objective-C

Still work in progress, does not 100% reflect the German Version

I already wrote about my effort in creating a completely independent RSA implementation here. I posted it also on github-RSALib, so maybe somebody wants to use it... or wants to give feedback.

There is also a byte-compatible java version here. Thing is, it is not very easy to use encryption on different operating systems, e.g. iOS and Linux, and assume things are working fine. Actually, usually it is quite the opposite. But the most important Reason for those implementations was to have an insight in how encryption can be done without the os, so to exactly know what happens. No OS-backdoor could break into that... at least, not as easily.

The proof of concept is a very complicated Messaging System, that runs on iOS using the RSAImplementation mentioned above, connecting to a server implemented in java using the same implementation in java. Works quite fine...

what now

I was thinking about creating something useful with that code. I used to write a private diary on my mac using the App DayOne. This is a very cool app, runs on iOS and OSX, synchronizes you entries between different installations and is very beautiful to use - and is not encrypted at all! For a diary App! How can that be? Even the simplest physical diary usually has some kind of lock on it or somathing... But with DayOne all entries are store in plain text on the disk drive of all machines you use DayOne and synchronize it.

So, if your MacBook is lost - all your private Thoughts are plain to see there... Congratulations.

There is actually no good encrypted Diary in the App Store. Some encrypt good, but are very uncomfortable. Some are beautiful, but do not encrypt good... And so on...

So... a new Diary App was needed (at least for me):

For my Eyes Only

This is the name of the App, and this is the name the app will be published with. The Idea is quite easy, use the AES/RSA Implementations above to create a securely encrypted Diary... Great Idea!

What features do we need:

  • RSA Encryption. But where to put the Key? Obviously not a good idea to store the key in the app itself, but how about storing it hidden in a picture (steganography)? or on an usb stick? Both options should be possible
  • The keys are of course AES encrypted
  • It should be able to be synchronized using iCloud (maybe dropbox)
  • It should be possible to add photos and such to your entries, but those need to be encrypted as well
  • you need to be able to search for things

Problem is: using CoreData is not working, as the structure would still be visible, and searching would not work any way, as everything would be encrypted...

So... We need to create our own storage system.

Implementation Diary

I will put in some things I did during the implementation here, even if the app will never be published, it might be worth having this info around somehow...