Protecting the app sandbox

Question

So I am working on a test app that downloads files locally to the app file storage sandbox. Some of these files may be sensitive and need to be protected. My app has a log

Answer 1

You might want to look into the File Protection mechanisms in iOS 4 and later. That provides a way to mark a file as "protected" so it will be stored encrypted on disk at all times, only accessible when the device is unlocked (with a passcode).

See also this question

Answer 2

You can encrypt the whole sandbox using the OS if you target iPhone 4 with OS 4.x. Even then, iOS has this concept of an 'escrow keychain' which is basically a cache of passwords and can he potentially hacked into. As far as I am aware, Mail is the only app that encrypts everything.

In order to encrypt your application data in this way, you just need to set the appropriate NSFileProtectionKey as documented in NSFileManager. But, as mentioned, this is not entirely secure.

You could try a custom category on the file manager that encrypts files based on your own requirement so that you have encrypted documents. The choice is yours.