SlideShare a Scribd company logo

Iphone 5s Touch ID Security

Download as PPTX, PDF
Abhishek Koserwal
Abhishek Koserwal

Apple Iphone 5s Touch ID Working & Security features and Vulnerability Issues.

MobileTechnologyNews & Politics
1 of 10
T o u c h I D i s t h e f i n g e r p r i n t s e n s i n g s y s t e m b u i l t i n t o i P h o n e 5 s , m a k i n g s e c u r e a c c e s s t o t h e d e v i c e f a s t e r a n d e a s i e r . T o u c h I D c a n b e t r a i n e d t o r e c o g n i z e u p t o f i v e d i f f e r e n t f i n g e r s . Wi t h o n e f i n g e r e n r o l l e d , t h e c h a n c e o f a r a n d o m m a t c h wi t h s o m e o n e e l s e i s 1 i n 5 0 , 0 0 0 . T o u c h I D s e n s o r i s o n l y 1 7 0 m i c r o n s t h i n , n o t m u c h t h i c k e r t h a n a h u m a n h a i r . T h i s h i g h - r e s o l u t i o n 5 0 0 p p i s e n s o r c a n r e a d e x t r e m e l y f i n e d e t a i l s o f y o u r f i n g e r p r i n t .
There are two kinds of processors, application processor (A7) and Secure Enclave. What is Secure Enclave? A coprocessor fabricated in the Apple A7 chip, has its OWN secure boot and personalized software update, encrypted memory and hardware random number generator. What does Secure Enclave do? • It provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection. • it is also responsible for processing fingerprint data, determining if there is a match, and enabling access or purchase on behalf of the user. • (The 88-by-88-pixel, 500-ppi raster scan is temporarily stored in encrypted memory within the Secure Enclave while being vectorized for analysis, and then it’s discarded after. SECURE ENCLAVE
How Secure Enclave communicate with app processor? • Communication is isolated to an interrupt-driven mailbox and shared memory data. buffers Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID), not known to Apple, not accessible to other parts of the system. • Note that this UID is NOT SAME with that fused into application processor. Create an ephemeral key tangled with UID to encrypt Secure Enclave’s portion of the device’s memory space. • Data saved to file system by Secure Enclave is encrypted with a key tangled with UID and an anti-replay counter. • Utilizes System Software Authorization to ensure the integrity of its software and prevent downgrade.
How Touch ID unlocks iPhone 5s On devices with an A7 processor, the Secure Enclave holds the cryptographic class keys for Data Protection. When a device locks, the keys for Data Protection class Complete are discarded, and files and keychain items in that class are inaccessible until the user unlocks the device by entering their passcode.
• On iPhone 5s with Touch ID turned on, the keys are not discarded when the device locks; instead, they’re wrapped with a key that is given to the Touch ID subsystem. • When a user attempts to unlock the device, if Touch ID recognizes the user’s fingerprint, it provides the key for unwrapping the Data Protection keys and the device is unlocked. • This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device.
Encryption/Decryption • Every iOS device has a dedicated AES 256 crypto engine built into the DMA path between the flash storage and main system memory, making file encryption highly efficient. • Along with the AES engine, SHA-1 is implemented in hardware, further reducing cryptographic operation overhead.
Spoofing Fingerprints The iPhone 5s's fingerprint sensor does not only Appear to Provide no additional protection, its use even under mines other security mechanisms. Fingerprints are not fit for secure local user authentication as long as spoofs ("fake fingers") can be produced from synthesis pervasive copies. The decrypted class keys are only held in memory, so they’re lost if the device is rebooted. Additionally, as previously described, the Secure Enclave will discard the keys after 48 hours or 5 failed Touch ID recognition attempts. Decrypted
Prevention Fingerprint spoof prevention would better be based on intrinsic errors in the spoof-creation process or on fingerprint features not present in latent prints (and become much harder to steal). Examples of such spoof-detection features are air bubbles contained in the glue often used for spoofs (white dots in left image) and minute details that are visible through a fingerprint sensor but not in a latent print (black dots in right image). Even by just comparing the density of white vs. black dots, sensors would challenge hackers to Improve Their spoofing techniques.
• http://support.apple.com/kb/ht5949 • http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf • http://www.theguardian.com/technology/2013/oct/04/iphone-5s-fingerprint-id- theft • https://srlabs.de/spoofing-fingerprints/ • http://fionalerntprogrammieren.wordpress.com/2013/08/07/ohm-workshop-finger- print-spoofing/

Recommended

Jamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS SecurityJamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS Security
centralohioissa
 
Demystifying Apple 'Pie' & TouchID
Demystifying Apple 'Pie' & TouchIDDemystifying Apple 'Pie' & TouchID
Demystifying Apple 'Pie' & TouchID
Sebastián Guerrero Selma
 
iOS secure app development
iOS secure app developmentiOS secure app development
iOS secure app development
Dusan Klinec
 
Introducing Apple iPhone 5s
Introducing Apple iPhone 5sIntroducing Apple iPhone 5s
Introducing Apple iPhone 5s
JJ Wu
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcomm
Tien Hoang
 
iOS Hacking: Advanced Pentest & Forensic Techniques
iOS Hacking: Advanced Pentest & Forensic TechniquesiOS Hacking: Advanced Pentest & Forensic Techniques
iOS Hacking: Advanced Pentest & Forensic Techniques
Ömer Coşkun
 
Rang Dey Zindagi infograph
Rang Dey Zindagi infographRang Dey Zindagi infograph
Rang Dey Zindagi infograph
Abhishek Koserwal
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 

Recommended

Jamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS SecurityJamie Bowser - A Touch(ID) of iOS Security
Jamie Bowser - A Touch(ID) of iOS Security
centralohioissa
 
Demystifying Apple 'Pie' & TouchID
Demystifying Apple 'Pie' & TouchIDDemystifying Apple 'Pie' & TouchID
Demystifying Apple 'Pie' & TouchID
Sebastián Guerrero Selma
 
iOS secure app development
iOS secure app developmentiOS secure app development
iOS secure app development
Dusan Klinec
 
Introducing Apple iPhone 5s
Introducing Apple iPhone 5sIntroducing Apple iPhone 5s
Introducing Apple iPhone 5s
JJ Wu
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcomm
Tien Hoang
 
iOS Hacking: Advanced Pentest & Forensic Techniques
iOS Hacking: Advanced Pentest & Forensic TechniquesiOS Hacking: Advanced Pentest & Forensic Techniques
iOS Hacking: Advanced Pentest & Forensic Techniques
Ömer Coşkun
 
Rang Dey Zindagi infograph
Rang Dey Zindagi infographRang Dey Zindagi infograph
Rang Dey Zindagi infograph
Abhishek Koserwal
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
nishacall1
 
Leading Mobile App Development Companies in India (2).pdf
Leading Mobile App Development Companies in India (2).pdfLeading Mobile App Development Companies in India (2).pdf
Leading Mobile App Development Companies in India (2).pdf
CWS Technology
 
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Cara Menggugurkan Kandungan 087776558899
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
nishacall1
 
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost LoverPowerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
PsychicRuben LoveSpells
 
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
Delhi Call girls
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy
 

More Related Content

Recently uploaded

9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
nishacall1
 
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Cara Menggugurkan Kandungan 087776558899
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
nishacall1
 
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
Delhi Call girls
 

Recently uploaded (6)

9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 52 (Delhi) Call Girl Service
 
Leading Mobile App Development Companies in India (2).pdf
Leading Mobile App Development Companies in India (2).pdfLeading Mobile App Development Companies in India (2).pdf
Leading Mobile App Development Companies in India (2).pdf
 
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
Obat Penggugur Kandungan Di Apotik Kimia Farma (087776558899)
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
 
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost LoverPowerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
 
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
 

Featured

How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
 

Featured (20)

Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 

Iphone 5s Touch ID Security

  • 1.
  • 2. T o u c h I D i s t h e f i n g e r p r i n t s e n s i n g s y s t e m b u i l t i n t o i P h o n e 5 s , m a k i n g s e c u r e a c c e s s t o t h e d e v i c e f a s t e r a n d e a s i e r . T o u c h I D c a n b e t r a i n e d t o r e c o g n i z e u p t o f i v e d i f f e r e n t f i n g e r s . Wi t h o n e f i n g e r e n r o l l e d , t h e c h a n c e o f a r a n d o m m a t c h wi t h s o m e o n e e l s e i s 1 i n 5 0 , 0 0 0 . T o u c h I D s e n s o r i s o n l y 1 7 0 m i c r o n s t h i n , n o t m u c h t h i c k e r t h a n a h u m a n h a i r . T h i s h i g h - r e s o l u t i o n 5 0 0 p p i s e n s o r c a n r e a d e x t r e m e l y f i n e d e t a i l s o f y o u r f i n g e r p r i n t .
  • 3. There are two kinds of processors, application processor (A7) and Secure Enclave. What is Secure Enclave? A coprocessor fabricated in the Apple A7 chip, has its OWN secure boot and personalized software update, encrypted memory and hardware random number generator. What does Secure Enclave do? • It provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection. • it is also responsible for processing fingerprint data, determining if there is a match, and enabling access or purchase on behalf of the user. • (The 88-by-88-pixel, 500-ppi raster scan is temporarily stored in encrypted memory within the Secure Enclave while being vectorized for analysis, and then it’s discarded after. SECURE ENCLAVE
  • 4. How Secure Enclave communicate with app processor? • Communication is isolated to an interrupt-driven mailbox and shared memory data. buffers Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID), not known to Apple, not accessible to other parts of the system. • Note that this UID is NOT SAME with that fused into application processor. Create an ephemeral key tangled with UID to encrypt Secure Enclave’s portion of the device’s memory space. • Data saved to file system by Secure Enclave is encrypted with a key tangled with UID and an anti-replay counter. • Utilizes System Software Authorization to ensure the integrity of its software and prevent downgrade.
  • 5. How Touch ID unlocks iPhone 5s On devices with an A7 processor, the Secure Enclave holds the cryptographic class keys for Data Protection. When a device locks, the keys for Data Protection class Complete are discarded, and files and keychain items in that class are inaccessible until the user unlocks the device by entering their passcode.
  • 6. • On iPhone 5s with Touch ID turned on, the keys are not discarded when the device locks; instead, they’re wrapped with a key that is given to the Touch ID subsystem. • When a user attempts to unlock the device, if Touch ID recognizes the user’s fingerprint, it provides the key for unwrapping the Data Protection keys and the device is unlocked. • This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device.
  • 7. Encryption/Decryption • Every iOS device has a dedicated AES 256 crypto engine built into the DMA path between the flash storage and main system memory, making file encryption highly efficient. • Along with the AES engine, SHA-1 is implemented in hardware, further reducing cryptographic operation overhead.
  • 8. Spoofing Fingerprints The iPhone 5s's fingerprint sensor does not only Appear to Provide no additional protection, its use even under mines other security mechanisms. Fingerprints are not fit for secure local user authentication as long as spoofs ("fake fingers") can be produced from synthesis pervasive copies. The decrypted class keys are only held in memory, so they’re lost if the device is rebooted. Additionally, as previously described, the Secure Enclave will discard the keys after 48 hours or 5 failed Touch ID recognition attempts. Decrypted
  • 9. Prevention Fingerprint spoof prevention would better be based on intrinsic errors in the spoof-creation process or on fingerprint features not present in latent prints (and become much harder to steal). Examples of such spoof-detection features are air bubbles contained in the glue often used for spoofs (white dots in left image) and minute details that are visible through a fingerprint sensor but not in a latent print (black dots in right image). Even by just comparing the density of white vs. black dots, sensors would challenge hackers to Improve Their spoofing techniques.
  • 10. • http://support.apple.com/kb/ht5949 • http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf • http://www.theguardian.com/technology/2013/oct/04/iphone-5s-fingerprint-id- theft • https://srlabs.de/spoofing-fingerprints/ • http://fionalerntprogrammieren.wordpress.com/2013/08/07/ohm-workshop-finger- print-spoofing/