"This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device," according to the whitepaper.
The Enclave coprocessor also provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised, according to Apple. "Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave's portion of the device's memory space," according to the whitepaper.
The Enclave itself is designed to protect both the data it uses and its own operations. It has its own secure boot process and personalized software update, separate from those for the A7 application processor. "Communication between the Secure Enclave and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers," according to the whitepaper. When the Enclave saves data to the file system, it encrypts the data with a key "tangled with" the UID and an anti-replay counter.
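To show why a device-bound key and an anti-replay counter are paired, the following is an added illustration, not code from Apple or its whitepaper. It assumes HMAC-SHA256 as a stand-in for the hardware key "tangling," models only the UID binding and the freshness check (encryption is left out), and uses hypothetical names throughout (`derive_storage_key`, `SealedStore`).

```python
import hashlib
import hmac
import struct


def derive_storage_key(uid: bytes, label: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for entangling a key with the UID.
    return hmac.new(uid, b"storage-key|" + label, hashlib.sha256).digest()


class SealedStore:
    """Toy model: the key and counter stay inside the trusted component,
    while the sealed blobs live on an untrusted file system."""

    def __init__(self, uid: bytes):
        self._key = derive_storage_key(uid, b"fs")
        self._counter = 0  # monotonic, never decremented

    def seal(self, data: bytes) -> bytes:
        self._counter += 1
        header = struct.pack(">Q", self._counter)
        tag = hmac.new(self._key, header + data, hashlib.sha256).digest()
        return header + tag + data

    def open(self, blob: bytes) -> bytes:
        header, tag, data = blob[:8], blob[8:40], blob[40:]
        expected = hmac.new(self._key, header + data, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("blob not sealed by this device")
        (counter,) = struct.unpack(">Q", header)
        if counter != self._counter:
            # A validly signed but older blob was written back: rollback.
            raise ValueError("stale blob: counter mismatch (replay)")
        return data


if __name__ == "__main__":
    store = SealedStore(b"\x01" * 32)      # constructed sample UID
    old = store.seal(b"attempts_left=1")   # constructed sample state
    new = store.seal(b"attempts_left=0")
    print(store.open(new))
    for blob in (old,):
        try:
            store.open(blob)
        except ValueError as err:
            print("rejected:", err)
```

Without the counter, the older blob would still verify under the device key, so a copy of earlier state could be restored unnoticed.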
Apple's defense-in-depth security
This interlocking, defense-in-depth approach to protecting the Enclave's operations and data, and those of Touch ID, is a pattern Apple has applied comprehensively throughout the iOS security architecture.
"They're wrapping key pairs on top of key pairs," says Nachreiner. "They're relying not on just one private key, but they are entangling the device's unique ID...and then adding another specific key for, say, iMessage [information]. The more you can add a whole bunch of unique pieces of information, the harder it becomes to crack it."
Apple's segmentation of data means that even if one part of the security architecture is compromised, an attacker or a jailbreaker is unlikely to get access to all encrypted data. Mogull's blog post analyzing iCloud Keychain shows this clearly.
iCloud Keychain lets you create multiple passwords for websites from within the Safari browser. This keychain of passwords can be synced between different devices, and it's backed up to Apple's servers. But the backup raises a potential problem: in light of the revelations about government snooping, "trusting the keys to your digital life to a large company is a daunting prospect," Mogull writes.
Apple handles this by using "different, but related, security methods to protect both keychain syncing and keychain escrow and recovery backup," he says.
To summarize rather than repeat Mogull's analysis: Apple's keychain sync process keeps your unique private key on your device, and iCloud never stores the keychain. This process is repeated for each separate device. "When passwords are added or changed, Apple syncs only the individual keychain items to other devices that need the update, one at a time," Mogull writes. "In other words, each keychain item is sent only to each device that needs it, the item is encrypted so only that device can read it, and only one item at a time passes through iCloud."