As I continue on in my series about how I’m designing my app (because designing software is fun, and writing about it even more so), there’s still one more piece to the puzzle. Even though I protect the data in transit from my web server to the end user, and have written a process to protect against myself, how do I prevent an attacker from changing the content after I’ve uploaded it?
As I’ve said before, I really doubt that I’d be a target. Maybe I’ll say something inflammatory one day and someone will try to get even with me (like say Apple’s iPhone has an exploit or something). But at the same time, I’m trying to set an example for all the other people out there who want to build an app.
Suppose a hacker wants to steal my content. If he is determined, I’m probably going to be vulnerable no matter what. However, what I want to prevent is him changing my config file which then results in everyone getting free content. Now that would truly suck.
How can I prevent this?
The best way that I can think of is doing encrypting the config file. I run a sanity check at home and encrypt the config file, and then upload it to the web server. When the user downloads the app, they connect to the web server and pull the encrypted file down and then decrypt it locally on their tablet. Thus, a hacker can break in all he wants, but unless he knows the secret key that I use to encrypt the file – which isn’t on the web server – he will not be able to tamper with the file. In effect, the entire config file is acting as its own digital signature.
My flow is like this:
Which results in this:
This creates the following security model:
That’s the model I have adopted in order to prevent tampering. It’s not perfect (nothing is) but I have gone out of my way to mitigate risk.
I'm surprised that you find the security of the device holding the symmetric key is better than the security of an asymmetric encryption. If you did use asymmetric encryption, you wouldn't need to store a plain-text version. If you decrypted the file using the public key, and it resulted in a valid config file, then you can be sure that it's valid. This means that every device would be verifying that the config file is valid every time it downloaded it. Also, if the hacker was able to replace your encrypted config file, then they could replace the unencrypted config file too, so that wouldn't help your detection.
I may still end up doing asymmetric encryption, I haven't decided.