1

I'm looking for fips compliant authenticated encryption. If I understand correctly, there's no support for authenticated encryption out of the box in ios. In that case I suppose I can do AES-CBC + SHA256. I know the latter is supported. Is the former supported?

Are there other alternatives to the above?

EDIT: while on the subject - does ios support ECDH in common crypto? or is it only support in the internal core crypto?

Thanks, Z

Zohar Etzioni
  • 691
  • 5
  • 14
  • Yes, Apple Commopn Crypto supports AES and CBC mode as well as SHA256. Also consider [RNCryptor](https://github.com/RNCryptor) which is available in several languages for several platforms. It is secure, well vetted and under current development/maintenance. It provides all the details such as a random iv, message authentication, key extension and versioning for strong security. – zaph Sep 18 '17 at 16:51
  • 1
    Apple on iOS does not support many current cryptographic methods and does not plan to update Common Crypto (I have that in writing from Apple). Do this: https://bugreport.apple.com Android is way ahead on cryptographic security: Sad! – zaph Sep 18 '17 at 17:02
  • 2
    Note that you need AES-CBC, followed by **HMAC** with SHA-256. Just SHA-256 is not secure; you need a keyed hash with a good construct such as HMAC> – Maarten Bodewes Sep 18 '17 at 18:58

0 Answers0