1

I have seen many examples on verifying client or server certificates using Security framework APIs but this will solve only problem of Identification of security features but what about Confidentiality of data? How do I exchange private and public keys between client and server? What about Interception, Modifications, or Fabrication attacks? What if someone pretending and sending correct certificate as expected by client?

Community
  • 1
  • 1
Paresh Masani
  • 7,474
  • 12
  • 73
  • 139
  • Crypto is "[mechanical leverage](http://blogs.msdn.com/b/ericlippert/archive/2011/09/27/keep-it-secret-keep-it-safe.aspx)." You use a small secret (the key) to protect a larger secret (the cleartext). – Billy ONeal Feb 28 '13 at 18:45

1 Answers1

1

Identification is provided by verifying the cert as you note. Confidentiality is provided via encryption. Authentication is provided by signing the data. Together they are often implemented via TLS over a network connection.

In short, if you properly implement and deploy HTTPS, and validate your certificates, then you will get all of the things you're describing. NSURLConnection will do almost all of this for you by default if you just use an "https" URL.

If you deploy a certificate on the server and protect its private key, then it is not feasible for an attacker to pretend to have that certificate. Only the server has the server's private key (it is up to you to protect the private key from copying or theft).

A typical approach is to use a commercial certificate, in which a certificate authority (CA) like Verisign attests that the private key was issued to the owner of a given host (known as the CN or common name). This is a simple-to-use approach and generally cost effective. Go to one of the well-known CAs and buy a cert.

However, you can also create your own public/private server keypair, protect the private key, and distribute the public key in your client. You can then configure your client to only accept that one certificate and no others. This is actually more secure than the commercial certificate. For an example of this, see SelfCert. This is from my CocoaConf-RTP-2012 talk. I'll be giving a similar talk at CocoaConf-DC-2013. It is also discussed at length in chapter 15 of iOS:PTL.

Client certificates are less common. They are used to authenticate the client, not the server. For a client certificate to work correctly, each client must have its own certificate. You can't ship a private key as part of your bundle. If you do, anyone can use that private key to impersonate a client. (Conversely, it is completely fine to put the server's public key in the bundle. It's public; you don't care who sees it.)

With CFNetwork, after connecting, you would need to use CFReadStreamCopyProperty to fetch the kCFStreamPropertySSLPeerTrust. You could then evaluate the returned SecTrust object. That said, I recommend the NSURLConnection code if you can use it. If you need lower-level access, you could still use NSStream. Jeff Lamarche discusses this in NSStream: TCP and SSL. But I'd recommend a tool like AFNetworking or CocoaAsyncSocket instead if you need lower-level control over TCP+SSL.

Rob Napier
  • 286,113
  • 34
  • 456
  • 610
  • Thanks @Rob again! If I understand correctly, I will need to have both client and server certificates setup correctly with their public and private keys. I need to have client certificate in my App bundle. While logging on Authentication Challenge Received, I verify server's certificate and send client's certificate as a part of NSCredential UseCredential...but how would SecTrustEvalute method knows it's the right certificate and coming from my server? I can hard code and check trusted hosts but still someone can pretend as my server and send the right certificate! Isn't that possible? – Paresh Masani Feb 28 '13 at 01:38
  • ...also can't malicious program read my certificate and validate it like Server does? I assume that afterwards communication will happen automatically using public key encryption and private key decryption? There are no such method in CFNetworking? How would we exchange certificate when using CFNetwork? Sorry for lot of questions but it is so confusion! Not able to get how does it work underhood. I know all fundamentals of security though. – Paresh Masani Feb 28 '13 at 01:43
  • Hi @rob you don't have to ans all the questions but if you understand my situation and just give some brief on 1. Someone pretend as my server and 2. Similar Keys exchange with CFNetwork APIs then it would solve all my pain. Thanks. – Paresh Masani Feb 28 '13 at 01:55
  • Thanks Rob! I owe you a beer! :-) – Paresh Masani Feb 28 '13 at 23:06