Upload from iOS App to Amazon S3
Have you looked at the Amazon AWS SDK for iOS?
From the docs:
The AWSiOSDemoTVM and AWSiOSDemoTVMIdentity samples demonstrate a more secure mechanism for transferring AWS security credentials to a mobile client. These samples require a server application, in this case the token vending machine (TVM), which is provided as a separate download. The sample applications register with TVM, either anonymously or with a user-supplied user name and password. The TVM uses the AWS Security Token Service to get temporary security credentials and pass them to the mobile application.
The TVM is available in two forms, one that supports anonymous registration and one that requires a user name and password to register a device and receive security tokens. To download and install the TVM for Anonymous Registration, go to http://aws.amazon.com/code/8872061742402990. To download and install the TVM for Identity Registration, go to http://aws.amazon.com/code/7351543942956566.
From Authenticating Users of AWS Mobile Applications with a Token Vending Machine:
This article discusses an architecture that enables applications running on a mobile device to more securely interact with Amazon Web Services such as Amazon Simple Storage Service (S3), Amazon SimpleDB, Amazon Simple Notification Service (SNS), and Amazon Simple Queue Service (SQS). The architecture discussed uses a "Token Vending Machine" to distribute temporary security credentials to the mobile application.
Your token can limit access to a specific bucket on S3, so it appears to be the best option.
To further clarify Terry Wilcox's answer...
You need to generate temporary security credentials on your server using AWS STS.
STS is AWS' "Security Token Service". It allows you to create access keys programmatically and set specific permissions and expiration dates.
Since you already have an API/backend for your app that authenticates your users, you can make an API call that will generate temporary AWS credentials that only have access to that user's folder.
If you do not have a backend for your app, Amazon provides a Java app call TVM (Token Vending Machine) that you can easily deploy your own instance of to Elastic Beanstalk.
Relevant AWS articles:
http://aws.amazon.com/articles/4611615499399490
http://docs.aws.amazon.com/STS/latest/UsingSTS/STSUseCases.html#MobileApplication
ASIHTTPRequest has direct support for Amazon S3.
http://allseeing-i.com/ASIHTTPRequest/S3