Introducing CryptoKit

Cryptography is key to protecting your users’ data. This tutorial shows you how to use Apple’s new CryptoKit API to authenticate or encrypt your app’s data. By Audrey Tam.

Complying With Encryption Export Regulations

One last thing. Encryption is a sensitive political issue in many countries. This map shows which countries have licensing or registration requirements, import/export controls, obligations on providers to assist authorities and other restrictions.

The U.S. is one of the countries with export controls. It’s legal stuff, so I’ll quote directly from Apple’s article Complying with Encryption Export Regulations:

When you submit your app to TestFlight or the App Store, you upload your app to a server in the United States. If you distribute your app outside the U.S. or Canada, your app is subject to U.S. export laws, regardless of where your legal entity is based. If your app uses, accesses, contains, implements, or incorporates encryption, this is considered an export of encryption software, which means your app is subject to U.S. export compliance requirements, as well as the import compliance requirements of the countries where you distribute your app.

And from Apple’s App Store Connect Help Export compliance overview:

Use of encryption includes, but is not limited to:

  • Making calls over secure channels (i.e. HTTPS, SSL, and so on).
  • Using standard encryption algorithms.
  • Using crypto functionality from other sources such as iOS or macOS.
  • Using proprietary or non-standard encryption algorithms. The U.S. Government defines “non-standard cryptography” as any implementation of “cryptography” involving the incorporation or use of proprietary or unpublished cryptographic functionality, including encryption algorithms or protocols that have not been adopted or approved by a duly recognized international standards body (e.g., IEEE, IETF, ISO, ITU, ETSI, 3GPP, TIA, and GSMA) and have not otherwise been published.

App Store Connect provides a set of questions to help you determine if export compliance documentation is required from you, and which forms are needed.

Where To Go From Here?

Congratulations! You’ve taken a quick tour of all the things CryptoKit can do and learned a little of how cryptography works. And aren’t you glad CryptoKit makes everything so easy?

You can download the completed version of the project using the Download Materials button at the top or bottom of this tutorial.

As always, you can find out more at the source:

In addition to the (mostly Wikipedia) links throughout this tutorial, here’s the explanation of elliptic curve cryptography that really helped me see what was going on: