How to secure big amounts of data in an iPhone app?
I need to secure a decent amount of sensitive data in an iPhone app. Now I am thinking about methods I can use to achieve this.
The most obvious but least secure one would be to only secure the app entry with a username/password. How secure would this option really be? Is there a way for unauthorized data access in such an app? I guess so.
Second option would be to secure every string of sensitive data. Now that's where I am stuck a bit. Is the keychain an optimal way to do this? Probably not, or? How many items can I store in the keychain anyways? Is there a limit per app? I only used it for storage of a single password in recent apps.
Third option from my point of view would be generic encryption algorithms. Are there best practices for using those?
Sorry for the bunch of questions, I hope you can point me in the right direction to solve my problem. Thanks in advance.
Thomas
Small amounts or big amounts, it doesn't matter. A user with a jailbroken iPhone has more control over the device than any developer. There is no place to hide a secret.
In a previous post the following link was suggested. It contains a good description on how to encode data on the iPhone: http://iphonedevelopment.blogspot.com/2009/02/strong-encryption-for-cocoa-cocoa-touch.html.
Just to add a bit to Rook's answer.
The iPhone keychain is able to be cracked in under 6 minutes even if the device has a passcode enabled. Of course, this requires physical access to the phone but honestly that's the only reason to bother encrypting anything on it anyway. It's done by first jailbreaking the device.
Obligatory link: http://www.theregister.co.uk/2011/02/10/iphone_password_retrieval_hack/
Point is, you absolutely cannot depend on any device (iPhone or not) to retain its secrets once the device is outside of the control of the owner.
Heck, even their secure backups have been shown to be less than secure. If you can just get a backup of the phone then you have everything you need. You can't even depend on remote wipe as those require the phone to contact the home network to receive the wipe instructions; and that can be stopped.
The only way to get even a modicum of security is to simply not store the data on the device itself and instead store it on a centralized server... But even that has its own challenges with securing data going over public phone networks, etc. However, at least this is no different than trying to secure a regular website.