Making Your iOS App More Secure With SSL Pinning
Nowadays, we feel safe after securing our servers with SSL (Secure Socket Layer), a protocol for creating an encrypted connection between client and server. It ensures that all data passed over the network stays private and unaltered. While SSL communication is considered largely secure and unbreakable in realistic time frames, the man-in-the-middle attack still poses a real threat.
How does SSL work?
- The client connects to the server and requests that the server identify itself.
- The server sends a certificate to the client (including public key).
- The client checks whether that certificate is valid. If it is, the client creates a symmetric key (session key), encrypts it with the server's public key, then sends it back to the server.
- The server receives the encrypted symmetric key, decrypts it with its private key, then sends an acknowledgement packet to the client.
Man in the Middle Attack
The man-in-the-middle attack intercepts a communication between two systems. For example, in an http transaction, the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into two new connections, one between the client and the attacker, and the other between the attacker and the server, as shown in figure 1. Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert, and modify the data in the intercepted communication. — https://www.owasp.org/index.php/Man-in-the-middle_attack
Using SSL, the client only accepts connections from sources that present a valid certificate, and that is good enough for most cases. But what if someone stands between the client and the server and acts as if they were the real server? Let's call the client C, the server S, and the attacker A.
Instead of the packet reaching S, A intercepts it and pretends to be S. If C receives a fake certificate from A instead of the real one from S, and believes it is valid, A can make C think it is communicating with S while every connection actually flows through attacker A.
Hence, SSL pinning is a way to prevent man-in-the-middle (MITM) attacks. SSL pinning ensures that the client connects only to the designated server. The core idea is that a copy of the server certificate is shipped inside the app bundle. When the client receives the certificate from the server, it compares the two to make sure they are identical before establishing the connection.
Now I will show how to implement SSL pinning in iOS.
Alamofire
Alamofire is the most popular networking library on iOS, and it makes SSL pinning straightforward to implement.
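Below is an added example of certificate pinning with Alamofire; it is not code from the original post. It assumes the Alamofire 4.x API (ServerTrustPolicy and SessionManager), that the server's certificate has been added to the app bundle as a DER-encoded .cer file, and that the host name api.example.com is a placeholder for your own API.

```swift
import Foundation
import Alamofire

// Placeholder host; replace with the host you actually pin.
let pinnedHost = "api.example.com"

// Alamofire 4 collects every certificate file (.cer, .crt, .der, ...) found in the bundle.
let pinnedCertificates = ServerTrustPolicy.certificates(in: Bundle.main)

// Pin those certificates for the host. validateCertificateChain keeps the normal
// system trust evaluation (expiry, trusted root) in addition to the pin, and
// validateHost checks that the certificate was issued for the request host.
let serverTrustPolicies: [String: ServerTrustPolicy] = [
    pinnedHost: .pinCertificates(
        certificates: pinnedCertificates,
        validateCertificateChain: true,
        validateHost: true
    )
]

// Hosts that are not listed fall back to Alamofire's default evaluation (no pin).
let sessionManager = SessionManager(
    configuration: URLSessionConfiguration.default,
    serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
)

// A certificate that does not match the bundled copy is rejected before any
// application data is sent; the failure surfaces as an error on the response.
sessionManager.request("https://\(pinnedHost)/v1/status").responseJSON { response in
    switch response.result {
    case .success(let value):
        print("Pinned connection succeeded: \(value)")
    case .failure(let error):
        print("Request failed (possible pin mismatch): \(error)")
    }
}
```

If you would rather not ship a new app build every time the certificate is renewed, Alamofire 4 also offers `.pinPublicKeys(publicKeys:validateCertificateChain:validateHost:)` with `ServerTrustPolicy.publicKeys()`, which pins the key rather than the certificate and so survives a renewal that keeps the same key pair.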
NSURLSession
For NSURLSession, the main method for handling SSL pinning is the URLSessionDelegate method URLSession:didReceiveChallenge:completionHandler:. Make your class conform to URLSessionDelegate and add this function to your class:
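The following is an added example of that delegate method in Swift, not the original post's code. It assumes the pinned certificate is bundled as a DER-encoded .cer file, that the resource name api_example_com and the host api.example.com are placeholders, and it goes one step beyond the text by accepting any of several pinned certificates (for example the current one and its planned replacement) rather than exactly one.

```swift
import Foundation
import Security

/// URLSessionDelegate that accepts a server only if the leaf certificate it presents
/// is byte-for-byte identical to one of the DER (.cer) certificates bundled with the app.
final class PinnedSessionDelegate: NSObject, URLSessionDelegate {
    private let pinnedCertificates: [Data]

    /// `names` are resource names of .cer files in the bundle (assumed values, e.g. "api_example_com").
    init(certificateNames names: [String], bundle: Bundle = .main) {
        let loaded: [Data] = names.compactMap { name in
            bundle.url(forResource: name, withExtension: "cer")
                .flatMap { try? Data(contentsOf: $0) }
        }
        // Failing loudly at startup is better than silently pinning nothing.
        precondition(!loaded.isEmpty, "No pinned certificates found in bundle")
        pinnedCertificates = loaded
        super.init()
    }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        // Only handle the server-trust challenge; let the system deal with anything else.
        guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust,
              let serverTrust = challenge.protectionSpace.serverTrust else {
            completionHandler(.performDefaultHandling, nil)
            return
        }

        // 1. Normal chain validation (expiry, hostname, trusted root) must still pass.
        //    Pinning is an additional check, not a replacement for it.
        guard SecTrustEvaluateWithError(serverTrust, nil) else {
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }

        // 2. The leaf certificate the server presented must match one of the pinned copies.
        guard let leaf = SecTrustGetCertificateAtIndex(serverTrust, 0) else {
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }
        let leafData = SecCertificateCopyData(leaf) as Data
        if pinnedCertificates.contains(leafData) {
            completionHandler(.useCredential, URLCredential(trust: serverTrust))
        } else {
            // Mismatch: an interposed certificate, even a system-trusted one, is refused.
            completionHandler(.cancelAuthenticationChallenge, nil)
        }
    }
}

// Usage (host and resource name are assumptions).
let delegate = PinnedSessionDelegate(certificateNames: ["api_example_com"])
let session = URLSession(configuration: .default, delegate: delegate, delegateQueue: nil)
session.dataTask(with: URL(string: "https://api.example.com/v1/status")!) { data, response, error in
    if let error = error {
        print("Request failed (possible pin mismatch): \(error)")
    } else if let http = response as? HTTPURLResponse {
        print("HTTP \(http.statusCode) over a pinned connection")
    }
}.resume()
```

Keeping the regular SecTrust evaluation in step 1 matters: comparing bytes alone would still accept an expired or wrong-host certificate as long as it matched the bundled copy, while the byte comparison in step 2 is what stops a certificate issued by a CA the device happens to trust.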
One disadvantage of SSL pinning is that the certificate has to be stored in the app. Whenever the server certificate is updated, a new version of the app must be released.