I’ve been having trouble trying to communicate between PHP and my iOS application using AES encryption.
So far, I’ve considered two methods of implementation. The first was to use OpenSSL.
On the iOS side, I implemented in a way to mimic the code shown here: http://saju.net.in/code/misc/openssl_aes.c.txt.
On the PHP side, I took the generated key and IV (from the iPhone) and used it as input to the PHP openssl encrypt.
The results differed in terms of the output…
I have also considered: http://iphonedevelopment.blogspot.com/2009/02/strong-encryption-for-cocoa-cocoa-touch.html
but this SO post: AESCrypt decryption between iOS and PHP deterred me.
The project is not tied down to AES, it just seemed like a strong encryption algorithm that wouldn’t be too hard to implement.
My basic question is: what is the easiest way to implement a good encryption algorithm that can easily be used to communicate between iOS and PHP?
As said in the comments, it would probably easiest for you to use HTTPS.
I once set up an iPhone app that had to communicate with a PHP backend over HTTPS, and spent many hours trying to find out why the iPhone wouldn’t accept the encrypted connection.
As it turned out, it didn’t work because I was using a self-signed certificate on the server side. Buying an SSL certificate from a Certificate Authority solved all issues.
SSL certificates that validate a single domain name without company or extended validation are really cheap, so I suggest you give that a try!