Data Security & Cryptography for iOS

Cryptography is an indispensable tool for protecting information in computer systems.

Encryption plays the crucial role in Cryptography, it helps us hide user’s sensitive data and alleviate the risks of the businesses which is related to payment transactions. In other words, encryption is what makes secure data exchanges possible on the internet nowadays.

Let’s introduce the two main encryption methods: Symmetric-key algorithm and Asymmetric-key algorithm (Public-key algorithm)

The art and science of keeping messages secure is cryptography

Symmetric-key algorithm

Symmetric-key algorithms also referred as secret-key algorithms is a type of encryption where only a single secret key is used to both encrypt and decrypt information. Symmetric keys are securely generated and distributed to the sender and receiver. On the other hand, keys are unknown to any other entity.

In general, the steps of symmetric encryption are:

1. Both the sender and the recipient have identical copies of the secret key
2. The sender uses the secret key to encrypt their message.
3. The encrypted message, called ciphertext, looks like scrambled letters and can’t be read by anyone along the way.
4. The recipient uses secret key to transform the ciphertext back into readable text.

CryptoKit is a Swift framework that makes it easier and safer to perform common cryptographic operations. Here is the simple codes of implementing symmetric encryption.

In the first line, we declare the secret message as “I LOVE YOU”. Then we generate a new random symmetric key. As the message is encrypted with the symmetric key by AES(Advanced Encryption Standard) algorithm in line 9, the encrypted message printed out (line 11) in the console becomes a strange text “9ispeF6Cqh+9wg==” (this message may be different every time when you run this program).

In order to get the original message, we need to use the same symmetric key to decrypt the data (line13~14). As you can see, the decrypted message is consistent with the secret message.

Asymmetric-key algorithms

Asymmetric-key algorithms are also known to as “public-key algorithms”. They use two mathematically associated keys knows as public and private keys. One key is used for data encryption, and the other is used for decryption of data. The combination of a public and private key is called a key pair, which are mathematically related yet uniquely paired so that they match only one another.

The private key is always kept secret by the owner. The public key is distributed to the public and everyone can access it.

The public key encrypts your data before sending it over the internet and the private key decrypts the data on the recipient’s end of the exchange.

Here is the steps of how asymmetric encryption works in general:

1. The sender obtains the receiver’s public key.
2. The message is encrypted by the sender using the receiver’s public key, and this creates the ciphertext.
3. The ciphertext is then sent to the receiver.
4. The receiver decrypts the ciphertext with their private key and returns it to the original message.

To achieve this algorithm, we firstly utilize iOS Security framework to generate an asymmetric key pair and store them in Keychain.

Next, sender can use the public key generated in the previous step to encrypt the message that should be protected.

In this example, we use eciesEncryptionStandardX963SHA256AESGCM algorithm to do the encryption.

To give you an idea, the encrypted message for “this is a sensitive message” may look like: “BAsd6P8MAv0CKLDU4oRXbuFetsRE/NKakOkTsyJO53of2OaXmXxZmBeqJP3MWFuxdTz2gTvFuuciVdelYywcthOcM6I/0KQHBUou1a9ckrvquHAzqQlR4QkDsIcE/IPWm/1kiAl9snKqSu5t” (line 14).

As the receiver gets the message, it can be decrypted by the private key. After decrypted, the encrypted message will be transformed to “this is a sensitive message” again!

This is how you can implement Symmetric and Asymmetric key algorithm in iOS. 😎

Wrapping Up.

I hope this tutorial is helpful to you. If you have any questions about the tutorial, please leave your comment below and let me know.

If you are interested in the topic and want to learn more, you can find out more at the source:

• WWDC 2019 Session 709: Cryptography and Your Apps.
• Apple CryptoKit documentation.

Thank you for your reading! Happy coding ~ :D