In a previous post I listed a line of code that looked like this:
NSString *credentials = [NSString stringWithFormat:@”%c%s%@%c%c%s%@”, ‘u’, “ser:”, @”pas”, ’s’, ‘w’, “ord”, @”@”];
Reader Matt asked me to expand on this in his comment. (Hint: Don’t be afraid to suggest topics for this blog.)
The reason for the curious looking line above is to avoid the whole string to be easily visible in the binary application file. Had I just done this:
NSString *credentials = @"user:password";
it is trivial to search the binary file and find this information in clear text in the file. But by breaking up the string into mixed parts of characters, C strings and Objective-C strings, the content is dispersed in the binary file making it more difficult to find.
Other ways you can obscure strings is to manipulate the string before it’s used. An easy example is to add 1 to each byte in the string so that “HAL” becomes “IBM”. Of course you can make that function as complex as you want.
Keep in mind that security by obscurity is simply hiding information, which is very different from employing encryption using a mathematically proven algorithm. While it may take a long time to find a needle in a haystack, it just requires luck or patience. Whereas cracking a good safe is really difficult. When you think about security for your application you need to decide when a haystack is good enough for the information you’re trying to protect. And when that is the case, feel free to use a variation of the techniques described here.
February 22nd, 2010 at 20:23
I tend to cringe when I read post like this. Your readers should be aware that “Security by Obscurity” is not security. The scenario you present above is called obfuscation which does not provide any additional level of security. A secure system should be designed such that if someone knows everything about how the system works, it is still secure. Please see Kerckhoff’s Principle here: http://www.schneier.com/crypto-gram-0205.html\
February 26th, 2010 at 12:27
@Greg: The headline should probably have included an qualifier, but I think the rest of the post made it pretty clear that “security by obscurity” should not be confused with real security by design. The linked Wikipedia entry goes into depth on this, including arguments for and against, and it references Kerckhoff’s Principle several times.
So let me state for the record: If you are designing an application that needs security, then don’t use the technique discussed above. This of course includes any data that is related to financial information like credit cards, information that has any privacy implications, etc. If you just want to hide some information from public view, but are not concerned if anyone spends the necessary time and resources to find the information, then simply obscuring that information may be sufficient for your needs.