How can I use externally generated keys to encrypt and decrypt the data in iPhone?




sspbond007
Oct 22, 2009, 02:22 AM
I am working on an application in which I need to encrypt and decrypt data with keys generated by the server. I viewed the sample code of Crypto Exercise. In that, the keys are automatically generated. How can I use externally generated keys in the code? Please help.



jnic
Oct 22, 2009, 04:44 AM
> I am working on an application in which I need to encrypt and decrypt data with keys generated by the server. I viewed the sample code of Crypto Exercise. In that, the keys are automatically generated. How can I use externally generated keys in the code? Please help.

I suppose you could do CGI programming in Objective-C, but if you're generating keys on the server then you now need to also encrypt their transit to your client. Depending on your needs, SSL should be strong enough for this.

Perhaps you could tell us a little more about what you're trying to achieve so we can suggest a more appropriate scheme?

sspbond007
Oct 22, 2009, 06:47 AM
> I suppose you could do CGI programming in Objective-C, but if you're generating keys on the server then you now need to also encrypt their transit to your client. Depending on your needs, SSL should be strong enough for this.
>
> Perhaps you could tell us a little more about what you're trying to achieve so we can suggest a more appropriate scheme?

Thanks for the reply.
Actually, we would save the key to the application before distributing the iPhone with the application installed; the application will be of no use without the keys, as the admin will have the details of the key.

Key example generated at server:


Using this info, we have to do all kinds of cryptographic operations.

Any suggestions?

jnic
Oct 22, 2009, 07:51 AM
> Thanks for the reply.
> Actually, we would save the key to the application before distributing the iPhone with the application installed; the application will be of no use without the keys.

Wouldn't that mean that all instances of your app were doing their encryption/decryption with the same key pair? This would render such encryption moot, as anyone could simply extract the private key from memory and decrypt all data for all instances of your app.

Cromulent
Oct 22, 2009, 08:02 AM
> Wouldn't that mean that all instances of your app were doing their encryption/decryption with the same key pair? This would render such encryption moot, as anyone could simply extract the private key from memory and decrypt all data for all instances of your app.

Exactly.

Your best bet is to have the application create a key pair on first launch then have it securely transmit the keys with a unique ID to the server so that it can associate each key with a specific instance of the application.

sspbond007
Oct 22, 2009, 09:05 AM
> Wouldn't that mean that all instances of your app were doing their encryption/decryption with the same key pair? This would render such encryption moot, as anyone could simply extract the private key from memory and decrypt all data for all instances of your app.


Sorry, the logic behind it is somewhat different. The main problem is how to create a SecKeyRef with the keys. Or is there any other way to encrypt data with the key information?
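
The following is an added example, not part of the original thread and not any poster's or Apple's code. It assumes the server key is an RSA public key available only as a decimal modulus and public exponent, and shows how those two numbers are packed into the DER `RSAPublicKey` structure of PKCS#1 and read back. The function names and sample modulus are constructed for illustration, and whether a particular iPhone key-import call accepts this exact encoding is an assumption to verify against the SDK.

```python
# Added example: DER RSAPublicKey (PKCS#1) from a modulus and public exponent.

def der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_uint(value):
    """DER INTEGER for a non-negative int."""
    if value < 0:
        raise ValueError("RSA parameters are non-negative")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:  # a set high bit would decode as a negative number
        body = b"\x00" + body
    return b"\x02" + der_len(len(body)) + body

def rsa_public_key_der(modulus, exponent):
    """RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }"""
    content = der_uint(modulus) + der_uint(exponent)
    return b"\x30" + der_len(len(content)) + content

def read_tlv(data, pos, tag):
    """Return (value bytes, next position) for one TLV with the expected tag."""
    if data[pos] != tag:
        raise ValueError("unexpected tag 0x%02x" % data[pos])
    first = data[pos + 1]
    pos += 2
    length = first
    if first & 0x80:  # long form: low 7 bits give the number of length octets
        count = first & 0x7F
        length = int.from_bytes(data[pos:pos + count], "big")
        pos += count
    if pos + length > len(data):
        raise ValueError("truncated DER")
    return data[pos:pos + length], pos + length

def parse_rsa_public_key(der):
    """Inverse of rsa_public_key_der; rejects trailing bytes."""
    seq, end = read_tlv(der, 0, 0x30)
    n_bytes, pos = read_tlv(seq, 0, 0x02)
    e_bytes, pos = read_tlv(seq, pos, 0x02)
    if end != len(der) or pos != len(seq):
        raise ValueError("trailing bytes")
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")

SAMPLE_N = (1 << 1023) | 1  # constructed 1024-bit value, not a real RSA modulus
SAMPLE_E = 65537
```

A 1024-bit modulus always has its top bit set, so its INTEGER carries a leading zero byte and the whole structure comes to 140 bytes. Omitting that zero byte is a common reason an otherwise correct key is rejected on import.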