With the fight between Apple and the FBI all over the news, we’re all thinking about encryption, what we keep on our phones, and who can easily view that personal information. At its heart, this debate is over security – personal security versus national security. Both are valid concerns and all sides in this debate have strong arguments, but there is one thing the two generally agree on: some level of phone security is not only good, but required to protect citizens against malicious parties.
But this fight has served to flare tensions on both sides, with Silicon Valley girding itself for a judicial war with the federal government. WhatsApp is now providing End-to-End Encryption; when coupled with the rise of Telegraph, an encrypted messaging app company, encryption is a hot topic.
Both messaging apps are attempting to add value through improved security, and both go beyond simple end-to-end encryption. Telegraph automatically deletes emails, protecting them from database breaches. WhatsApp goes a step beyond End-to-End Encryption by offering a key verification system that prevents so-called Man-in-the-Middle attacks. In other words, it lets you know that the friend you think is typing at the other end of the communication is actually the person typing.
Let’s take a look first at what makes powerful and robust encryption for apps and then how iOS apps approach security. So
How to Keep Your Data Safe
Everyone can agree – we want the highly sensitive information we store on our phones to be safe from prying eyes. Mobile Data Encryption is a highly necessary coding tool, but one that is often viewed as incomprehensible to the ordinary person. So what are some good mobile data encryption techniques? Let’s look at a few:
• AES Support: The Advanced Encryption Standard is the cipher used by basically the world. This is so fundamental to encryption that it’s almost not worth mentioning, but we figured we could get some of the technical terms out there. AES is used to both encrypt and decrypt data and, while it is not perfect, it is the only NSA-approved cipher. A good Encryption App Development company still should provide support for other ciphers, such as Twofish and Serpent.
• Easy Encryption Steps: As with everything, the design process of encrypting a file needs to be simple and easy to use. One of the biggest ways breaches can occur is when users simply don’t bother to encrypt their files. Our developers always make the process of encrypting simple: no more than a few clicks. We also recommend configuring time-lapse encryption, where files are automatically encrypted after a certain length of time.
• Virtual Encryption Support: Many encryption techniques focus on encrypting information on a disk (often called “full-disk encryption”). However, the world is moving away from hardware storage; properly securing app data requires support for encrypting virtual drives (i.e. the cloud). Of course, this doesn’t mean hardware encryption should be abandoned entirely.
• Software Encryption: Similar to the above point, software encryption is a way to encrypt information from the software side of things. This is especially useful in enterprise solutions, where multiple users will be working on the same device.
The above points are just the basic steps our developers consider when encrypting app, software, or website data. There is much, much more that goes into making data secure, and if you would like to know more about our encryption process, feel free to reach out to us. But for now, let’s take a look at why iOS is so well secured that the government was unable to crack the encryption themselves.
iOS and Encryption
iOS encryption begins at startup by compartmentalizing and then encrypting the startup tasks. Each task must be verified and approved prior to beginning the next action. This is known as a secure boot chain, and it prevents malicious entities from altering the base software of an iOS device.
The data itself is encrypted using 256-bit AES and can only be unlocked with a device’s Unique ID (UID). This UID is hidden from all software and applications on a device, thus protecting the UID from being stolen by third-party applications. Additionally, this number cannot be altered or tampered with in any way whatsoever, creating an exceptionally secure passcode to unlock your data.
Along with the UID being burnt into the hardware, Apple provides systemic encryption in the hardware of the device itself. This makes it not only more secure, but also much easier to initiate a complete and systemic remote wipe in the case of a stolen or lost device.
Even if a hacker was able to get your device and jailbreak it, they wouldn’t have the passcode. Without the passcode, the data will remain encrypted, and – as we all know from the Apple-FBI fight – the data is wiped from the phone after the 10th incorrect try.
iOS doesn’t just encrypt using a single UID passcode, though that is an integral part. It in fact involves the exchange and verification of several different keys. Generally these keys are:
• the Per-file Key;
○ This actually encrypts the data itself and cannot be accessed without the Class Key;
• the Class Key;
○ This key protects the Per-file Key and is stored in Metadata;
• the System File Key;
○ This secures the metadata holding the Class and Per-file Keys.
The UID and the user’s Passcode are then used to unlock the Class Key, creating a series of interlocking encryption steps. Through this method, iOS is able to make a highly secure device that utilizes multiple, reliant and redundant layers of encryption.
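The interlocking keys described above can be modelled in a few lines. This is an added example, not Apple's code or anything from the original page: it follows the page's description of the hierarchy, uses an HMAC-SHA256 stream with a MAC as a stand-in for AES so that it runs on the Python standard library alone, and assumes PBKDF2 salted with the UID as the way passcode and UID are combined. All function names and sample values are hypothetical.

```python
import hashlib, hmac, os

def _sub(key, label):                      # separate sub-keys for cipher and MAC
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (HMAC-SHA256 in counter mode) so the example needs only
    # the standard library; the page states that iOS uses AES-256 here.
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Wrap data under key: nonce || ciphertext || tag (encrypt-then-MAC)."""
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified data")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def passcode_key(passcode, uid):
    # Assumption: the passcode is stretched with the device UID as salt, so the
    # Class Key cannot be unlocked with the passcode alone on another device.
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), uid, 100_000)

def protect_file(data, passcode, uid, fs_key):
    class_key, file_key = os.urandom(32), os.urandom(32)
    wrapped_class = seal(passcode_key(passcode, uid), class_key)   # 80 bytes
    wrapped_file = seal(class_key, file_key)                       # 80 bytes
    return {"metadata": seal(fs_key, wrapped_class + wrapped_file),
            "ciphertext": seal(file_key, data)}

def read_file(record, passcode, uid, fs_key):
    meta = unseal(fs_key, record["metadata"])                     # System File Key
    class_key = unseal(passcode_key(passcode, uid), meta[:80])    # Class Key
    file_key = unseal(class_key, meta[80:])                       # Per-file Key
    return unseal(file_key, record["ciphertext"])

# Constructed sample values, not real device data.
UID, FS_KEY = os.urandom(32), os.urandom(32)
RECORD = protect_file(b"constructed sample note", "493817", UID, FS_KEY)
```

Reading the record back succeeds only when the passcode, the UID and the System File Key all match; changing any one of them breaks the chain at that layer and the file stays encrypted.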
Your Data Encryptors
SDI is a mobile app, website and software design company. We have been encrypting and securing data for years, for everything from Social Media sites to dating sites. We know how to create secure apps that protect your information from malicious attackers.
Contact us today and request an NDA. You can also speak to us directly on 408.802.2885 for a free consultation.