Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to secure traffic between iOS-app and server?

I am building an app which gets JSON-encoded data from a web server. Right now, anyone can access the server-script that gets the data, and potentially access sensitive data.

So, what is the best way to ensure that the app is what's getting the data, and secure the traffic between the server and app? The server-script is PHP.

Thank you.

like image 783
Emil Avatar asked Dec 18 '10 23:12

Emil


2 Answers

You should use nonces

Here's a great tutorial on how to generate an MD5 hash in C:

http://www.saobart.com/md5-has-in-objective-c/

like image 130
Jacob Relkin Avatar answered Sep 23 '22 09:09

Jacob Relkin


So, what is the best way to ensure that the app is what's getting the data

In general, you can't. The best you can do is use some sort of login system, but anyone sniffing packets will be able to figure that out.

and secure the traffic between the server and app?

Use TLS, i.e., HTTPS using SSL.

like image 20
Shaggy Frog Avatar answered Sep 22 '22 09:09

Shaggy Frog