Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iOS GKSession: securely pair two devices

M

MrFusion

macrumors 6502a
Original poster
Jun 8, 2005
613
0
West-Europe
GKSession is a nice, beginners friendly API to connect two iDevices over an ad hoc wifi connection and exchange data. As far as I can tell the link is unsecure and any devices can be connected (if the app accepts).

I want to encrypt the transmitted data and ensure the two right devices are talking to each other. With bluetooth, two people have to exchange a short key (4-5 digits) before a connecting is established (pairing). I am thinking about implementing this with GKSession, but I don't know where to start.

Any idea where I should start? Which google/xcode documentation search keys do I need? Pairing leads me to just keyboards and mouses. Encryption leads to AES(?) and keys that way, way to long to type in.

My goal is to exchange data between a few people in a room without any eavesdropping.
 
Correct me if I'm wrong, but I thought both devices in a GKSession had to accept each other?

If a third device attempted to join, wouldn't at least one of the other two have to accept the third?

(Maybe I'm mistaking this for a different connection method in game kit... I haven't tried using any of them since last summer.)
 
ArtOfWarfare said:
Correct me if I'm wrong, but I thought both devices in a GKSession had to accept each other?

If a third device attempted to join, wouldn't at least one of the other two have to accept the third?

(Maybe I'm mistaking this for a different connection method in game kit... I haven't tried using any of them since last summer.)
Click to expand...

Yes, incoming requests have to be accepted. But anyone can make a request. The device can't know who the other party is. It can ask the other party for a display name, but this is easily spoofed. The other device can be a person inside the room or a person standing outside the door. Exchange a key (like with bluetooth) should solve this, or not?
 
MrFusion said:
Yes, incoming requests have to be accepted. But anyone can make a request. The device can't know who the other party is. It can ask the other party for a display name, but this is easily spoofed. The other device can be a person inside the room or a person standing outside the door. Exchange a key (like with bluetooth) should solve this, or not?
Click to expand...

Why do you need such security? Can you not trust users to simply commune with each other face to face and say "Did you send me a request? Oh, you didn't? I'll reject this request then..."
 
ArtOfWarfare said:
Why do you need such security? Can you not trust users to simply commune with each other face to face and say "Did you send me a request? Oh, you didn't? I'll reject this request then..."
Click to expand...

Isn't the paring key also used in encrypting the data?

Well anyway, even if it's not necessary, I just want to know how to do it in principle.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back