iPhone/iPad Encrypting JSON

I want to encrypt some json from a server and then decrypt it on the iphone/ipad. What are your thoughts on this? What is the best approach to t开发者_JS百科his? Should I scrap this idea and just go via SSL?

Save yourself a lot of trouble and just use HTTPS for all server communications.

As stated above one way is to do everything over https.

An alternative I can think of is the following:

1. Generate an symmetrical encryption key per session/login per client on the server
2. Send that key to the client over https
3. From there on encrypt all the data you send to the client with that key
4. The client can then decrypt the encrypted data

I don't have enough knowledge about https. I often read that is heavy on the resources of the system, but since I have not made or read some good benchmarks I can't give you a rigorous argument for or against it.

The implementation I proposed require a little bit more coding, but you can tailor to your encryption needs.

I think ultimately your decision should be made based on your usage scenario, if you sent very little data, not often to a few client application, you can't go wrong with https. If your expected encrypted traffic is high, the alternative solution might make sense.