It seems more and more Apple-provided iCloud features are using end-to-end encryption. In iOS 13, for example, protection is extended to Safari history and open tabs. I'm wondering if there's a good way to support end-to-end encryption in our own apps built on CloudKit.
As explained in the iCloud security overview:
End-to-end encryption provides the highest level of data security. Your data is protected with a key derived from information unique to your device, combined with your device passcode, which only you know. No one else can access or read this data.
One approach that comes to mind would be to generate a symmetric key (such as AES-GCM) on the device and put this in the user's keychain to safely share it with the user's other devices (to avoid the need for a separate passphrase or other custom key sharing mechanism). You could then use that key to encrypt CKRecord fields and CKAttachments. That means you lose type safety of individual fields and can no longer rely on CloudKit's support for indexes or CKReferences, but I don't see a way around that.
This is mostly out of curiosity, but would this approach make sense? Does it resemble Apple's use of end-to-end encryption, or does that rely on CloudKit features that aren't available to third-party developers?
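The approach described in the question, as an added example that is not part of the original post and is not Apple's own mechanism: an AES-256-GCM key kept in the iCloud-synchronized keychain encrypts a CKRecord field, with the record type, record name and field name bound as authenticated data so a ciphertext cannot be moved to another record or field unnoticed. The keychain account name, the error type and the helper names are assumptions made for this example.

```swift
import CloudKit
import CryptoKit
import Foundation
import Security

enum E2EError: Error { case keychain(OSStatus), missingField }
let keyAccount = "com.example.app.record-key"  // hypothetical account name

// Load the shared key from the iCloud-synchronized keychain, creating it on first use.
// Two devices that start before the keychain has synced can each create a key;
// a real app has to detect and reconcile that case.
func loadOrCreateKey() throws -> SymmetricKey {
    var query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrAccount as String: keyAccount,
        kSecAttrSynchronizable as String: true,
    ]
    var lookup = query
    lookup[kSecReturnData as String] = true
    var item: CFTypeRef?
    let status = SecItemCopyMatching(lookup as CFDictionary, &item)
    if status == errSecSuccess, let data = item as? Data { return SymmetricKey(data: data) }
    guard status == errSecItemNotFound else { throw E2EError.keychain(status) }
    let key = SymmetricKey(size: .bits256)
    query[kSecValueData as String] = key.withUnsafeBytes { Data($0) }
    // The "ThisDeviceOnly" accessibility classes would prevent the item from syncing.
    query[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlock
    let added = SecItemAdd(query as CFDictionary, nil)
    guard added == errSecSuccess else { throw E2EError.keychain(added) }
    return key
}

// Authenticated (not encrypted) context that ties a ciphertext to one record and field.
func context(for record: CKRecord, field: String) -> Data {
    Data("\(record.recordType)/\(record.recordID.recordName)/\(field)".utf8)
}

// Stores nonce || ciphertext || tag as an opaque Bytes field; CloudKit cannot index or query it.
func setEncrypted(_ plaintext: Data, field: String, on record: CKRecord, key: SymmetricKey) throws {
    let box = try AES.GCM.seal(plaintext, using: key, authenticating: context(for: record, field: field))
    record.setObject(box.combined! as NSData, forKey: field)  // non-nil with the default 12-byte nonce
}

// Throws if the field is absent, was tampered with, or was copied from another record or field.
func decrypted(field: String, on record: CKRecord, key: SymmetricKey) throws -> Data {
    guard let blob = record.object(forKey: field) as? Data else { throw E2EError.missingField }
    let box = try AES.GCM.SealedBox(combined: blob)
    return try AES.GCM.open(box, using: key, authenticating: context(for: record, field: field))
}
```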