I would like to encrypt a string with AES 256 on the iPhone but have not found much via google. What I am trying to do is post some data to a web site as part of a game I am creating, but I do not want the user to be able to cheat by seeing how it is posted because it is plain text. So I want to post one encrypted string to my php page (ala www.test.com/test.php?encrypted= etc...) and then the php script will decrypt it and do what it needs to if it is valid.
+1
A:
Check out this site: http://iphonedevelopment.blogspot.com/2009/02/strong-encryption-for-cocoa-cocoa-touch.html
drvdijk
2009-08-05 19:18:56
+2
A:
A much easier approach here would be to use an HTTPS POST, which would give you similar protections with far less code, though there are still difficulties for solving the problem you're attacking. The kind of solution you're describing generally requires some kind of shared secret, and it's very hard to protect code using a shared secret for long. You may find these posts helpful:
- Machine ID for Mac
- Store an encryption key in Keychain while application installation process
- Obfuscating Cocoa
Still, HTTPS is probably a much better solution than AES here.
Rob Napier
2009-08-05 19:28:46
I haven't had much experience with HTTPS. To set it up do you need to get a secure server and a certificate?
Codezy
2009-08-06 00:46:00
Your server would need to run HTTPS. You can use a self-signed certificate, though it's a little more complicated on iPhone. There's discussion of it at http://stackoverflow.com/questions/933331/how-to-use-nsurlconnection-to-connect-with-ssl-for-an-untrusted-cert ASIHTTPRequest seems a good approach, though I've built my own for my existing projects so don't have direct experience with it.
Rob Napier
2009-08-06 01:05:29
+1
A:
You can just use the CryptoHelper
which is adopted by CyrptoExercise
Sample Project
notnoop
2009-08-05 20:03:40