Does your program use TLS/SSL (by using OpenSSL or https through CFNetwork) or Secure Transport?
If you are not using TLS/SSL, what are you using? Is this method a standard? If yes, what is the standards body? You should use an accepted standard protocol for secure networking. The only way to ensure that your messages are as secure as possible is to use the most recent version of a standard secure networking protocol, such as TLS. A standard has had peer review and so is more likely to be secure. For secure networking protocols available on Mac OS X, see http://developer.apple.com/referencelibrary/Networking/idxSecurity-title.html. Does your program use any other cryptographic algorithms? If yes, be sure you use existing optimized functions. It is very difficult to implement a secure cryptographic algorithm, and good, secure cryptographic functions are readily available. In iPhone OS, use the cryptographic functions in Certificate, Key, and Trust Services (Certificate, Key, and Trust Services Reference). For Mac OS X, see Apple’s implementation of the CDSA framework (available at
