Is it appropriate to encrypt the file using the ForVendor identifier?

Question

Is it appropriate to encrypt the file using the ForVendor identifier?

I am pondering the correct way to encrypt a file in my application. For data stored in a file, the following applies:

The data is not very sensitive.
Data can be recovered if lost (although it is very expensive)
The file must be read-only by the application
The file should not be read by my application when copied to another device
The app should not require a device password for a keyword

The idea I have is to use the [[UIDevice currentDevice] identifierForVendor]

encryption key as this should ensure my scores are higher.

Is this a good way to do it? Please give me every reason so you can think why I shouldn't do this!

+3

security ios cocoa encryption

Accatyyc 19 Aug 14 at 10:22

source to share

1 answer

7ynk3r · Answer 1 · 2016-01-25T22:35:15+0000

I don't recommend using it directly.

The reason this might change under several circumstances, such as an update.

However, you can use it instead of a random generator to store it in your keychain for future use.

Link

The value changes when the user uninstalls all of these providers' apps from the device and then reinstalls one or more of them. The value can also change when installing test builds using Xcode, or when installing the app on a device using an ad-hoc distribution. Therefore, if your application stores the value of this property anywhere, you should gracefully handle situations in which the identifier changes.

https://developer.apple.com/library/ios/documentation/UIKit/Reference/UIDevice_Class/#//apple_ref/occ/instp/UIDevice/identifierForVendor

Is it appropriate to encrypt the file using the ForVendor identifier?

More articles: