Chapter 6

Securing Network Traffic

WHAT’S IN THIS CHAPTER?

• How to verify your application is communicating with the correct server
• Authenticating with a service using HTTP and client-side certificates
• How to generate cryptographic hashes and use them to verify payload integrity
• Encrypting and decrypting data within an iOS application
• Tips for storing credentials using the device’s keychain

WROX.COM DOWNLOADS FOR THIS CHAPTER

You can find the wrox.com code downloads for this chapter at www.wrox.com/WileyCDA/WroxTitle/Professional-iOS-Network-Programming-Connecting-the-Enterprise-to-the-iPhone-and-iPad.productCd-1118362403.html on the Download Code tab. The code for this chapter is in the Chapter 6 download and is divided into two major sections:

• An Xcode project that includes a rudimentary mobile banking application that communicates with a simple web service
• A set of PHP scripts to serve as a web service for the mobile banking app, which handles authentication, fetching account details, and transferring funds

The average cost of a mobile-related data breach in 2011 was $194 per-record with an average total organizational cost of $5.5 million per incident (“2011 Cost of Data Breach Study.” Ponemon Institute© Research Report, March 2012, http://www.symantec.com/content/en/us/about/media/pdfs/b-ponemon-2011-cost-of-data-breach-us.en-us.pdf). Given the highly networked nature of this world, it is of utmost importance that security be reviewed and addressed at every step of an application’s ...