How to architect a simple authorization scheme between iPhone and server?

开发者 https://www.devze.com 2023-02-13 12:08 Source: Internet
I'm developing an iPhone app that lets users upload photos to a Google App Engine backend written in Python.

Data is transferred between the device and server via HTTP POST and GET. What is the simplest, most secure way to ensure only iPhones with my app can get data? Also, I don't want the user to enter in credentials, it should be invisible to her.

I could embed a key in the device and send that with every request which the server would check against. But a malicious user could potentially decompile the app and obtain the key. Any suggestions?


With your requirement that the user not enter any form of password, your options are severely limited. As you note, any shared secret key in the app can be pulled out by someone via binary extraction etc. -- in effect, you can't stop a really dedicated cracker finding out the secret and then just submitting that to the server.

There are approaches that are not watertight, but which might make it harder for wholesale abuse of your service. One example might be to release updates for your app every month (or two weeks, or whatever) that contain a new shared secret. Then obviously your web service has to expect the new shared secret, as well as accepting the existing secret, for each time period.

If your data is very sensitive, you might want to stop eavesdropping by using HTTPS; but as Nick says, if you use HTTPS for anything except authentication, you have extra hoops to jump through at App submission time.
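
The rotating shared secret described in the answer above, sketched for the Python backend as an added example (not part of the original answer). It assumes the app sends an HMAC-SHA256 tag computed with its embedded secret rather than the secret itself; `SECRETS`, `accepted_periods`, `sign` and `verify` are hypothetical names and the secrets are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample secrets, one per app release period (hypothetical values).
# Real secrets would be random and stored outside the source tree.
SECRETS = {
    "2023-01": b"constructed-secret-january",
    "2023-02": b"constructed-secret-february",
    "2023-03": b"constructed-secret-march",
}


def accepted_periods(current, grace=1):
    """Return the current period plus `grace` preceding ones, newest first."""
    ordered = sorted(SECRETS)
    idx = ordered.index(current)
    return ordered[max(0, idx - grace): idx + 1][::-1]


def sign(secret, method, path, body):
    """HMAC-SHA256 tag over the request, so the secret never travels."""
    body_hash = hashlib.sha256(body).hexdigest().encode()
    msg = b"\n".join([method.encode(), path.encode(), body_hash])
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify(current, method, path, body, tag):
    """Return the period whose secret validates `tag`, or None to reject."""
    matched = None
    for period in accepted_periods(current):
        expected = sign(SECRETS[period], method, path, body)
        # Compare as bytes: constant-time, and safe for non-ASCII input.
        if hmac.compare_digest(expected.encode(), tag.encode()):
            matched = matched or period
    return matched


if __name__ == "__main__":
    photo = b"constructed photo bytes"
    old_build = sign(SECRETS["2023-02"], "POST", "/upload", photo)
    print(verify("2023-03", "POST", "/upload", photo, old_build))
```

A secret extracted from an old build stops validating once its period falls outside the grace window, which is the only protection this scheme offers.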


Whenever you have a key stored on a device or in software that is accessible by someone, it is subject to attack. iOS's keychain is generally a helpful way to store things you want to secure. However, it is still subject to attack. As with all security, you need to come up with a model that is appropriate for your application.

Also note that there are encryption export restrictions that you should familiarize yourself with if you intend to use encryption for more than authorization.
