我正在创建一个 iphone 应用程序。
在应用程序中,我需要与我的数据库进行通信。我环顾四周,发现最好的方法是 iPhone -> webserver -> mysql。
如果我使用 https,流量将不会是明文形式。
但我仍然担心安全问题。
假设我有 auth.php,它将验证与网络服务器的当前会话,如果我有游戏或其他东西并使用 registerresult.php 注册结果,用户仍然可以通过 auth 登录.php 通过网站并在 registerresult.php 中注册自己的结果。
(我使用 POST 方法发布数据)
你看到问题了吗?
我看过这个: http: //www.icodeblog.com/2009/10/29/iphone-coding-tutorial-creating-an-online-leaderboard-for-your-games/2/
但是,这真的是一个好方法,还是有更好的方法?(在每个语句中发送一个硬编码的“密钥”)
如果没有使用 https,那么该密钥无论如何都是明文的?
(升级到答案)
实现全面安全是不可能的:您始终必须考虑威胁是什么(来自谁,它们的资源如何等),以便充分防御它们。
例如,即使您在将结果数据发送到您的registerresult.php页面之前对结果数据进行了加密签名,签名密钥仍必须嵌入到用户手机上的应用程序中 - 因此,确定的破解者仍然可以提取密钥并发送伪造的结果。我认为您必须在您的服务器上运行游戏,以便将状态信息保存在那里,以击败这种性质的威胁。
However, it's unlikely that anyone would go to such lengths to crack an iPhone game (unless perhaps the game was incredibly popular or paid out prizes of some material value). Would it really matter to you if a few highly skilled people succeeded in sending forged results? It's worth thinking about.
Should you decide that you can tolerate such threats, the approach cited in your question has some flaws. Whilst HTTPS does secure the secret key from being intercepted by a packet sniffer, it does not prevent it being intercepted by a transparent proxy that presents an SSL certificate which is accepted by the phone (such as a self-signed one that has been added to its keychain).
To defeat threats of this sort, I suggest that you calculate a secure hash of (data + random salt value + secretkey) and send (data, that same salt value, that hash) to the server; the server can then recompute what the hash should have been from the known secret key and check that it verifies against the received hash.
上面的用户@eggyal 据说是最好的答案。你最好在你的项目中使用密码学,然后你会将数据发送到你的服务器文件以供数据库使用。在服务器端,您将解密您从前端接收到的数据,然后您将与数据库进行通信。这将是安全的通信。使用加密和解密方法。