tags:

views:

89

answers:

2
+1  Q: 

How secure is a security salt in an iPhone app?

I want to prevent users tampering with the the data generated in my iPhone app, such as high scores. So I'm thinking of using an MD5 hash of the relevant data, and a security salt hard coded into the app. When the data is read back in, I create a new hash and compare it to the old hash. If there's a difference, I know someone has been fiddling with the data.

I'm guessing there's always going to be a way for people to get round it, but will this method make it;

  • Very difficult.
  • Tricky to work around.
  • Makes no difference at all.
+2  A: 

I'd say tricky, but not very difficult. It's still fairly straightforward to step through with a debugger and watch the salt getting loaded into memory, though it's certainly enough to keep out the vast majority of users.

Unfortunately, this is the classic DRM problem, and has no solution against a sufficiently motivated attacker. Your best bet is to create as many barriers as possible, such that it isn't worth someone's time.

Perhaps the submitted high score could also include some details on game state, which would allow you to check for inconsistencies that might give a user away. For instance, if you see that a user achieved 1,000,000 points but only reached level 2 then you know something's up!

A quick win that will at least defeat a user running strings against your binary is to make sure the salt string doesn't look obvious; don't use "saltsaltsalt"!

jnic  2009-11-19 11:36:18
MD5 has a length that is to short and really should not be used in new designs, SHA-1 or one or it's newer cousins such as SHA-256 should be used.
zaph  2009-11-19 11:47:27
In this case, the problem isn't collisions but the hiding of the salt itself.It's significantly easier for a user to extract the salt with a debugger than to compute collisions (or attempt to extract the salt by brute force) so this is not a viable attack vector.
jnic  2009-11-19 12:00:16
SHA-1 does not have a salt, none is needed so there is not issue with a hacker finding the salt. Salts are used with MD5 because the result is to short.
zaph  2009-11-19 12:24:02
But someone could still easily rebuild the hash using SHA-1? So a salt is still needed.
gargantaun  2009-11-19 18:16:43
A: 

Assuming that the user can't replace the old hash the concept is fine. But use SHA-1 instead of MD5, it is much more secure and becuase of the increased length (160 bits) there is no salt.

zaph  2009-11-19 11:44:37
Salts are a not a property of the MD5 hash function, they are function-agnostic, as their purpose is to confound known-plaintext attacks (among others). Thus, using (for instance) SHA-1 instead would confer no advantage in this case.
jnic  2009-11-19 12:09:28

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security