What is the best approach for encrypting values in CoreData?
Why do I need to encrypt the data when Apple is already encrypting the App Container? I want to sync the data to iCloud. Data in iCloud is also encrypted but it is not end to end encrypted. [iCloud Security].
Apple encrypts the data with their own key. CoreData internally uses SQLite which stores the database in plaintext. If this data is synced with iCloud, It is still vulnerable before being encrypted by Apple's own key. What is the possible way to keep the data in iCloud also encrypted without worrying about Apple's own encryption?
One of the Approach I have tried was using ValueTransformers:
I have tried using ValueTransformers to encrypt fields such as DateOfBirth and user Passwords. Now since the information is written in Binary into the SQLite database it solves one of the problem. but the problem with ValueTransformer is the attribute's dataType becomes Transformable and I am unable to use NSPredicate on that field. For example I can't search users born in certain year. Looks like NSPredicate doesn't work with transformable data since it is stored as binary data in the CoreData SQL.
Is it possible to encrypt the data before being sync to the iCloud and decrypt it back when receiving back from the iCloud? This year at WWDC 2019 Apple announced support for iCloud with CloudKit. Is there any way to do the encryption before the data is being synced with CloudKit? Any other resources will be helpful.
