iOS applications that use push notifications must first ask the user for permission. After that, a device token is created, and through this token the remote server can exchange information with the user.
I read a similar question here, and I don't feel that is enough. The figure below shows a trusted certificate that allows me to view all the traffic that occurs on this device.

With Fiddler2 and CertMaker, I can sniff HTTPS traffic, which means that clients can probably see what data they send and where.
My question is: knowing that SSL does not protect me from my clients seeing what I send to a remote server, should I just encrypt it with a secret key stored in my application?
For example, encrypt("device_token","secretkey_a0a0a0a") (suppose it's Objective-C)?
Could someone find this key in my application? I am also reading this question, and it seems that the secret key could be retrieved.
My plan for this is as follows:
- In the iOS app, create a random string called active.
- Encrypt (not hash) the token with the random string and a secret key that I know (secretkey_a0a0a0).
- Send the encrypted string along with the randomly generated string (active).
- On the server side, check whether I can decrypt a valid token using active and my secret key.
- Save the token in my database if it is valid.
This prevents accidental input of tokens, but secretkey_a0a0a0 is a string literal. It is very possible to get this from the application binary.
My question is: how do I protect this private key? The answer may also be: how can I prevent people from sending invalid tokens to my server?
I heard about encryption, but does this apply only to resource files?
How do I approach this?
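The plan in the question, worked through as an added example (not code from the post): Python stands in for both the Objective-C client and the server, and a counter-mode keystream plus tag built from HMAC-SHA256 stands in for the AES the app would use, since the standard library has no AES. secretkey_a0a0a0 is the post's own literal; the 32-byte token length and the 16-byte active string are assumptions. The last check in demo() shows what the post already suspects: the server can only confirm that the sender held the key, not that the token was ever issued.

```python
import hashlib
import hmac
import secrets

APP_SECRET = b"secretkey_a0a0a0"  # the post's string literal, shipped in the app binary
TOKEN_LEN = 32                    # assumption: a device token is 32 raw bytes

def _subkeys(key: bytes):
    # Separate keystream and tag keys derived from the one embedded secret.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(enc_key: bytes, active: bytes, n: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256, standing in for AES-CTR.
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(enc_key, active + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]

def wrap_token(token: bytes, key: bytes = APP_SECRET):
    """Client side: random 'active', token encrypted under active + key, plus a tag."""
    enc_key, mac_key = _subkeys(key)
    active = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(token, _keystream(enc_key, active, len(token))))
    tag = hmac.new(mac_key, active + ct, hashlib.sha256).digest()
    return active, ct + tag

def unwrap_token(active: bytes, blob: bytes, key: bytes = APP_SECRET):
    """Server side: the token if blob was made with key and active, else None."""
    if len(blob) != TOKEN_LEN + 32:
        return None
    enc_key, mac_key = _subkeys(key)
    ct, tag = blob[:TOKEN_LEN], blob[TOKEN_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, active + ct, hashlib.sha256).digest()):
        return None  # tampered, or encrypted under a different key
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, active, TOKEN_LEN)))

def demo():
    """Round trip, a tampered blob, a wrong key, and a blob built by anyone
    holding the same literal: the server check proves only key possession."""
    real = bytes(range(TOKEN_LEN))
    active, blob = wrap_token(real)
    ok = unwrap_token(active, blob) == real
    tampered = unwrap_token(active, blob[:5] + bytes([blob[5] ^ 1]) + blob[6:]) is None
    wrong_key = unwrap_token(active, blob, b"other") is None
    made_up = secrets.token_bytes(TOKEN_LEN)  # never issued by APNs, but made with the key
    forged = unwrap_token(*wrap_token(made_up)) == made_up
    return ok, tampered, wrong_key, forged
```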