views:

173

answers:

1

The Keychain seems to be used a lot for usernames and passwords, but is it a good idea to use it for other sensitive stuff (bank details, ID numbers etc), but with no password? What kind of encryption does the keychain use? The scenario I'm concerned about is a thief acquiring an iPhone (which is screen-locked) and being able to access the file system to get this info.

Also, would using the Keychain involve export restrictions due to the use of encryption?

+1  A: 

(For the 2nd question, ask a lawyer.)

The Keychain can be used to store any string data.

All Keychain data are stored in a SQLite database (/Library/Keychains/keychain-2.db), and are encrypted with AES-256, using a device-specific key (search for "0x835 key" for detail).

The Keychain data should be safe as long as the client is not jailbroken. (But then, all semi-sensitive data in a .plist is safe as long as the client is not jailbroken.)

KennyTM