What Alastair said. (I’m usually not one for “me too” comments, but in this
case since you’re being advised to not do something I thought another vote
might be useful.)
I have about a dozen years’ experience working with crypto APIs on Apple
platforms. Crypto is difficult to understand and difficult to do right. It’s
all too easy to make mistakes with crypto primitives that will make the
encryption trivially breakable.
It’s been pointed out that, unlike other types of programming where bugs in
your code will be triggered more or less at random, in security programming you
have to assume there are human actors working as hard as they can to find ways
to trigger your bugs. This makes it much more likely that bugs will be found
and exploited. And of course the consequences can be very serious.
Your app data on iOS is already encrypted pretty securely. This is described in
Apple’s excellent iOS Security white paper, in the section “Data Protection in
apps”:
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
<https://www.apple.com/business/docs/iOS_Security_Guide.pdf>
—Jens
_______________________________________________
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
