Create random 128 bit AES Encryption key in iOS

Question

I want to create random AES Encryption key (128 bit) in ios. I have searched in SO but I cannot find a good answer. Please give me some advice. thanks in advance.

UP

Answer 1

This might help

- (NSString *)getRandomKey{
    NSString *alphabet  = @"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXZY0123456789/=+";
    NSMutableString *s = [NSMutableString stringWithCapacity:20];
    for (NSUInteger i = 0; i < 20; i++) {
        u_int32_t r = arc4random() % [alphabet length];
        unichar c = [alphabet characterAtIndex:r];
        [s appendFormat:@"%C", c];
    }
    NSLog(@"%@", s);
    NSString *key = s;
    return key;
}

Answer 2

Woah, that's complicated code for a simple task!

- (NSData *)random128BitAESKey {
    unsigned char buf[16];
    arc4random_buf(buf, sizeof(buf));
    return [NSData dataWithBytes:buf length:sizeof(buf)];
}

You probably heard somewhere that you should use salt and hash your passwords. It looks like you took this advice a little too far: there are no passwords here and yet your code still salts and hashes the data! This is completely useless when the input comes from a secure random number generator like arc4random.

Of course it won't convert to an NSString because random data is unlikely to be valid UTF-8 string.

Answer 3

You might want to use Apple's random byte generator for this which is considered more secure than arc4random.

int SecRandomCopyBytes ( SecRandomRef rnd, size_t count, uint8_t *bytes ); 

https://developer.apple.com/library/ios/documentation/Security/Reference/RandomizationReference/index.html#//apple_ref/c/func/SecRandomCopyBytes

A good explanation for this can be found on a blog post by James Carroll:

http://jamescarroll.xyz/2015/09/09/safely-generating-cryptographically-secure-random-numbers-with-swift/

Open Whisper Systems use this for the iOS version of their popular secure chat app Signal