Isn't Public key mechanism answer your need ?
Generate a public / private key pair on device.
Send the public key to server on registration
send a message from server to device, sign (encrypt) with private key, send to server which decrypts with the public key to check it matches.
Thanks! Is there Apple documentation available for the above mentioned workflow?
Workflow is not speciifc to APple. It is the general principal of signing information in PKI environment.
But if you don't know it yert, that's a pretty technical topic.
>Is there any mechanism to
> 1) generate a unique string/token(like UUID/ identifierForVendor) in device
> 2) and verify the same in host/server?
You need to be a bit more specific about what you want to do in #1 and #2 above. Specifically, what do you mean by "verify"
If you are trying to communicate privately (sending and receiving encoded messages) between two devices you can use the public/private key mechanism available in OpenSSL. It's complicated. It allows you do encode information so that others can't read it even if they can read the back-and-forth that set up the public/private key.
But if what you want to do is get a unique identifier for each device or user so that you can treat each user or device separately then there are two simple approaches. The first is identifierForVendor (which you know about) and the second is a do-it-yourself of identifierForVendor:
NSString *uniqueString=[[NSUUID UUID] UUIDString];
In both cases you may want to store the identifier in the keychain so it won't change when the user deletes and reinstalls the app. You may want to store it in the user's key-value file in iCloud so it is unique to the user's Apple ID not to the device.
Regarding "verify" - if what you want to do is be sure this identifier comes from your app then that requires "signing" the transmission package. You do that by generating a 'seeded hash' of the package and sending that with the package. A seeded hash is created by adding something secret - like "abc iphonegamedeveloper" to the original string and then calculating the SHA1 hash with OpenSSL.
Is there any document or sample app available in our developer portal?