rsattar / Voucher

A simple library to make authenticating tvOS apps easy via their iOS counterparts.
MIT License

Feature request: Using Symmetric-key algorithm AES? to protect data transfer? #3

Open ryh opened 8 years ago

ryh commented 8 years ago

Using a symmetric-key algorithm, AES (or something like that), to protect data transfer if the TV & iPhone communicate via open Wi-Fi?

The key can be shown (via text/QR?) on the TV screen (randomly generated, or encrypt the key again in code) or just embed the key in code...

rsattar commented 8 years ago

Hey @ryh, thanks for the suggestion. I'll think about it a bit more, but I'd rather not do a symmetric-key algorithm, since the key would have to be stored on the app binary.

The QR code idea is an interesting idea. I could let the host tvOS app and host iOS app handle the generation of the QR code and the encryption part.

williamsjj commented 8 years ago

It would be a good idea to have symmetric key as an option, leaving it up to the implementer to supply the key. There are a number of ways a key can be derived at runtime without building it into the binary.

Asymmetric encryption is only used for key exchange anyway before it uses symmetric for the actual data transfer, so offering direct access to symmetric gives more flexibility for using alternate keying mechanisms.

CallumOz commented 8 years ago

The Diffie-Hellman key exchange is probably an easier solution for the users. I have never heard of it being used in an iOS app, but I think it could be a good idea to look into it. It allows for the generation of a single-use encryption key shared between 2 parties over an insecure network.

jvanmetre commented 8 years ago

You could potentially link in OpenSSL to Voucher, and use OpenSSL's Diffie-Hellman implementation http://www.openssl.org/docs/manmaster/crypto/dh.html
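
The key exchange discussed in this thread, combined with the QR idea from the earlier comments, as an added example that is not part of the thread or of Voucher's code. It assumes Apple's CryptoKit (iOS/tvOS 13 or later) and uses X25519 in place of OpenSSL's finite-field Diffie-Hellman; `TVPairing`, `sealToken`, `sessionKey` and the `voucher-example-v1` label are hypothetical names.

```swift
import CryptoKit
import Foundation

// Derive the AES-256 key both sides share from an X25519 agreement.
// (assumption) The HKDF info label is a made-up, example-only value.
func sessionKey(own: Curve25519.KeyAgreement.PrivateKey, peerPublicKey: Data) throws -> SymmetricKey {
    let peer = try Curve25519.KeyAgreement.PublicKey(rawRepresentation: peerPublicKey)
    let secret = try own.sharedSecretFromKeyAgreement(with: peer)
    return secret.hkdfDerivedSymmetricKey(using: SHA256.self,
                                          salt: Data(),
                                          sharedInfo: Data("voucher-example-v1".utf8),
                                          outputByteCount: 32)
}

// tvOS side: a fresh key pair per pairing, so no key ships in the app binary.
// Only the public half is encoded into the QR code shown on screen.
struct TVPairing {
    private let key = Curve25519.KeyAgreement.PrivateKey()
    var qrPayload: String { key.publicKey.rawRepresentation.base64EncodedString() }

    // Decrypts what the phone sent; throws if the data was altered in transit.
    func open(phonePublicKey: Data, sealedToken: Data) throws -> Data {
        let box = try AES.GCM.SealedBox(combined: sealedToken)
        return try AES.GCM.open(box, using: sessionKey(own: key, peerPublicKey: phonePublicKey))
    }
}

enum PairingError: Error { case badQRPayload }

// iOS side: the TV's public key arrives via the camera, not the network.
func sealToken(_ token: Data, scannedQR: String) throws -> (phonePublicKey: Data, sealedToken: Data) {
    guard let tvPublicKey = Data(base64Encoded: scannedQR) else { throw PairingError.badQRPayload }
    let key = Curve25519.KeyAgreement.PrivateKey()
    let sealed = try AES.GCM.seal(token, using: sessionKey(own: key, peerPublicKey: tvPublicKey))
    // combined = nonce || ciphertext || tag; non-nil for the default 12-byte nonce.
    return (key.publicKey.rawRepresentation, sealed.combined!)
}

// Constructed sample run with both ends in one process.
let tv = TVPairing()
let message = try sealToken(Data("constructed-auth-token".utf8), scannedQR: tv.qrPayload)
let received = try tv.open(phonePublicKey: message.phonePublicKey, sealedToken: message.sealedToken)
print(String(decoding: received, as: UTF8.self))
```

Because the phone reads the TV's public key from the screen, a device on the open Wi-Fi that substitutes its own key in transit cannot decrypt the token. The phone's key is not authenticated in this sketch, so the TV still cannot tell which device sent the token.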