In my iOS4+ app I use AES encryption in several places and the whole app has to be very secure. In order to do this I have to hard-code several keys in this app which are then randomly picked when I need to encrypt something…
My question is how to store those private keys? Is it safe to hard-code them using NSString? Or
#define SecretKeyString @"febd9a24d8b65c1c787d50a4ed3619a9"
If a user jailbreaks an iPhone with this app installed, couldn’t he get those hard-coded keys? How can I hide them most effectively?
Thanks for any suggestion…
What other apps do is require the user to “log in” before they can use the app. Then you use their userid/password as a key to encrypt the keys or use a secured web service to get the keys for that user.
If you use a #define or even an NSString, there are ways to guess the keys. Obviously, you have to truly be willing to spend a lot of time to find those keys in compiled code, but depending on the level of security you are looking for and the people you are guarding against, this might be a problem.
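
The login-based approach from the answer above, as an added example that is not code from the original post: the password is stretched with PBKDF2 into a key-encryption key, which wraps the app's AES key so that only the salt and the wrapped blob are stored and no key sits in the binary. It uses CommonCrypto's PBKDF2 and RFC 3394 key wrap. The function names, the round count, the sample password and the randomly generated app key are assumptions made for the example.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <CommonCrypto/CommonCryptor.h>
#import <CommonCrypto/CommonKeyDerivation.h>
#import <CommonCrypto/CommonSymmetricKeywrap.h>

// PBKDF2: password -> 256-bit key-encryption key (KEK); round count is an assumed value.
static NSData *DeriveKEK(NSString *password, NSData *salt) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *kek = [NSMutableData dataWithLength:32];
    int rc = CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length, salt.bytes, salt.length,
                                  kCCPRFHmacAlgSHA256, 100000, kek.mutableBytes, kek.length);
    return rc == kCCSuccess ? kek : nil;
}

// RFC 3394 AES key wrap; rawKey length must be a multiple of 8 bytes.
static NSData *WrapKey(NSData *rawKey, NSData *kek) {
    size_t n = CCSymmetricWrappedSize(kCCWRAPAES, rawKey.length);
    NSMutableData *out = [NSMutableData dataWithLength:n];
    int rc = CCSymmetricKeyWrap(kCCWRAPAES, CCrfc3394_iv, CCrfc3394_ivLen,
                                kek.bytes, kek.length, rawKey.bytes, rawKey.length,
                                out.mutableBytes, &n);
    return rc == kCCSuccess ? [out subdataWithRange:NSMakeRange(0, n)] : nil;
}

// Reverse of WrapKey; returns nil when CommonCrypto reports an error.
static NSData *UnwrapKey(NSData *wrapped, NSData *kek) {
    size_t n = CCSymmetricUnwrappedSize(kCCWRAPAES, wrapped.length);
    NSMutableData *out = [NSMutableData dataWithLength:n];
    int rc = CCSymmetricKeyUnwrap(kCCWRAPAES, CCrfc3394_iv, CCrfc3394_ivLen,
                                  kek.bytes, kek.length, wrapped.bytes, wrapped.length,
                                  out.mutableBytes, &n);
    return rc == kCCSuccess ? [out subdataWithRange:NSMakeRange(0, n)] : nil;
}

int main(void) {
    @autoreleasepool {
        // Constructed sample data: random 16-byte app key, random 16-byte salt.
        NSMutableData *appKey = [NSMutableData dataWithLength:16];
        NSMutableData *salt = [NSMutableData dataWithLength:16];
        if (SecRandomCopyBytes(kSecRandomDefault, 16, appKey.mutableBytes) != errSecSuccess ||
            SecRandomCopyBytes(kSecRandomDefault, 16, salt.mutableBytes) != errSecSuccess) return 1;
        NSData *kek = DeriveKEK(@"constructed example password", salt);
        if (!kek) return 1;
        NSData *blob = WrapKey(appKey, kek);   // persist only salt + blob
        NSData *back = UnwrapKey(blob, kek);   // after the next login, re-derive the KEK first
        NSLog(@"round trip ok: %d", [back isEqualToData:appKey]);
    }
    return 0;
}
```

The password and the derived KEK are held in memory only for the session; the strength of the scheme is bounded by the strength of the user's password.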