Build a Secure Envelope in iOS

Let’s learn how to transfer sensitive data over REST API in Swift

Photo by Simona Sergi on Unsplash

Internet and network application are growing rapidly, so the need to protect such applications becomes vital.

This article approaches the problem by proposing two different encryption algorithms. The combinatorial effect of using asymmetric and symmetric algorithms produces a hybrid encryption scheme that makes it difficult for an insecure person to learn any information from the message transmitted over an unsecured transmission.

Cryptography is the science of writing in secret code and is an ancient art of ensuring that messages (writing) are kept secure (hidden) from those recipients to whom the messages are not addressed.

Cryptographic Goals

Cryptography is used to provide solutions for many problems, such as the following:

• Confidentiality (privacy)
• Data integrity
• Authentication
• Non-repudiation

Secret key cryptography (symmetric)

It uses a single key for both encryption and decryption. The sender uses the key (or some rules) to encrypt the plaintext and sends the cipher text to the receiver.

The receiver applies the same key (or rule set) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Public key cryptography (asymmetric)

Public-key cryptography algorithms used today for key exchange or digital signatures include RSA, Rabin, ElGamal, Paillier, Elliptic Curve Cryptography (ECC), Cramer-Shoup, and many other public key cryptography algorithms.

Photo by Mauro Sbicego on Unsplash

Hybrid Algorithm

This article presents a Hybrid encryption approach to protecting data transfer through two encryption techniques: the AES algorithm is used to encrypt the plaintext, RSA algorithm is used to encrypt the AES key to ensure a safe transmission between client-client or client-server from verifying by another person, to make it more difficult to access by the attacker.

In this algorithm, the original data enters the system, and the output is the encrypted data by AES key with encrypted AES key by RSA public key during one execution stage and not in separate stages. At the receiver, the decryption process is done.

Hybrid Encryption

1. The sender generates a common key for the encryption of plain text.
2. Plain text is encrypted by a common key generated by the sender.
3. The sender uses the public key of receiving side to encrypt the common key.
4. The sender sends encrypted text along with the encrypted common key.
5. The receiving side decrypts the encrypted common key by using the secret key on the receiving side.
6. Receiving side decrypts encrypted text by decrypting the common key

AES (Advanced Encryption Standard) is an algorithm for common key encryption method. It is an encryption standard established subsequent to DES and is used as a current default standard for encryption.

RSA is an algorithm of public key encryption method. Ability of a computing machine impacts the algorithm since it is based on difficulty of prime numbers factoring. It requires adequate key length as indicated in “Issues of encryption algorithm in 2010”. At present, 2048 bits is used a standard length.

Implementation

Before implementing Secure Envelope, I want to tell you about a few things briefly:

1. Implementing a secure envelope is very important to match the encryption environment with the backend. For example, when the backend decides to use RSA/ECB/OAEPWithSHA-256, this is important to implement the same environment on the client side.
2. Many frameworks help speed up your development and reduce errors that may occur during implementation.

Demo Project

Here is the Demo Project, which shows how to implement a secure envelope.

First, we need to implement an IV and KEY generator for the AES algorithm, which generates a simple random String with a 16-bit length.

There are three lengths of AES encryption keys. Each key length has a different number of possible key combinations. Even though the key length of this encryption method varies, its block size — 128 bits (or 16 bytes) — stays fixed.

Second, we need to implement a key-pair. The RSA key-pair is the name for the public and private keys used by the RSA algorithm. The public RSA key is the encryption key, whereas the private key (which must be kept secret to ensure that only the intended recipient can read the data) is the decryption key.

AES256-CBC operations

This algorithm is also known by many as a ‘block cipher’ as it divides the data into chunks of sections called blocks.

• AES encryption key divides data into 4*4 arrays containing 16 bytes each.
• Each of these bytes contains a maximum of 8 bits. But this division does not change the size of the cipher text. Both the original and cipher text yields a size of 128 bits.

As we said before, it is possible to use frameworks to implement AES, but we do not use them to understand the implementation better.

Common Crypto is still the recommended way to do low-level crypto operations, like AES, which we used for implementation.

As it is clear in the method, next to inputs such as algorithm and padding, it also receives an input named IV and another input named KEY.

IV

An initialization vector (IV) is an arbitrary number that can be used with a secret key for data encryption to foil cyber attacks. This number, also called a nonce (number used once), is employed only one time in any session to prevent unauthorized decryption of the message by a suspicious or malicious actor. The important thing about an IV is that you must never use the same one for two messages, so in practice, you can use a random one we generated before.

KEY

Since AES supports multiple key sizes, we should choose the best one for this case. AES-128 is the most common choice in commercial applications. It offers a balance between security and speed. National governments typically make use of AES-192 and AES-256 to have maximum security. We used AES-256 to have an extra level of security.

RSA-PKCS1 operations

As we said before, we use the RSA algorithm to secure the key used in AES. Like AES, RSA has requirements that we will explain below:

• Do not send your cipher text with the private key.
• You should not use 1024 bits RSA keys. They’re not safe. Switch to keys of at least 2048 bits.
• Encryption is done using the public-key, and decryption is done using the private-key.
• Encryption using RSA keys is limited; only small amounts of data can be encrypted or decrypted, and RSA is slow.

Since this article focuses on hybrid encryption, we might have talked about the structure of the public-key and private-key in another article. Here, we will examine an example of public-key and private-key.

Public-key

The RSA public key, encoded in the traditional RSA format looks like this:

Private-key

Example of 2048-bit RSA private key, corresponding to the above public key.

Apple already provides a security framework that handles RSA, so we’ll use that to secure sensitive data. Here sensitive data will be the AES key.

RSA-Encryption

RSA-Decryption

Conclusion

The approach of sensitive data encryption and decryption using only
RSA algorithm is somewhat involved in some difficulties since RSA encryption has a very low data limit. The new algorithm that combined the features of two algorithms has solved the problem of key movement in a symmetric encryption algorithm and the problem of high power consumption of an asymmetric encryption algorithm.

I hope you thought it was worthwhile to read and intriguing.

GitHub - mehrankmlf/SecurePacketEnvelope: Hybrid Encryption in Swift