iJailbreak | Jailbreak And iOS News

New iOS Security Document Details Touch ID And The Secure Enclave System

February 27, 2014 by Jaden Easton-Ellett

Apple has recently published a security document for iOS on its website (via TechCrunch) that covers the various security features of iOS 7 and provides additional information on the Touch ID sensor and the Secure Enclave system.

It is without a doubt an interesting read, so here are some key highlights, starting with how Touch ID processes a fingerprint.

The 88-by-88-pixel, 500-ppi raster scan is temporarily stored in encrypted memory within the Secure Enclave while being vectorized for analysis, and then it’s discarded after. The analysis utilizes subdermal ridge flow angle mapping, which is a lossy process that discards minutia data that would be required to reconstruct the user’s actual fingerprint. The resulting map of nodes never leaves iPhone 5s, is stored without any identity information in an encrypted format that can only be read by the Secure Enclave, and is never sent to Apple or backed up to iCloud or iTunes.

There is only a 1 in 50,000 chance of matching randomly with someone else’s fingerprint.

Next up is how the Secure Enclave system encrypts the identification data and shares it with the rest of the system without exposing that data to an outside party.

Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space.

Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter.

Fingerprint data is processed with the help of the A7 chip. The data is transferred from Touch ID to the A7 chip and then to the Secure Enclave. The transfer itself is encrypted, and the data is not read by the A7 during the relay.

Communication between the A7 and the Touch ID sensor takes place over a serial peripheral interface bus. The A7 forwards the data to the Secure Enclave but cannot read it. It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is built into the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.
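The exchange quoted above can be modelled with Node's built-in crypto module; this is an added example, not code from Apple's document or from this article. It wraps each side's random key under the shared key, derives a session key, and shows that a relay without the shared key can neither unwrap the keys nor alter an AES-CCM frame undetected. Assumptions: 128-bit keys, a SHA-256 combination of the two random keys (the document does not say how they are combined), a counter-based nonce, and all function names.

```javascript
const crypto = require('node:crypto');
const KW_IV = Buffer.alloc(8, 0xa6); // default initial value from RFC 3394
// AES key wrap (RFC 3394) of a 16-byte key under a 16-byte key-encryption key (KEK).
function wrapKey(kek, key) {
  const c = crypto.createCipheriv('aes128-wrap', kek, KW_IV);
  return Buffer.concat([c.update(key), c.final()]);
}
// Returns the key, or null when the integrity check fails (wrong KEK or altered blob).
function unwrapKey(kek, wrapped) {
  try {
    const d = crypto.createDecipheriv('aes128-wrap', kek, KW_IV);
    return Buffer.concat([d.update(wrapped), d.final()]);
  } catch { return null; }
}
// ASSUMPTION: hashing both random keys stands in for the unspecified combination step.
function deriveSession(sensorRand, enclaveRand) {
  return crypto.createHash('sha256').update(sensorRand).update(enclaveRand).digest().subarray(0, 16);
}
const nonceFor = (n) => { const b = Buffer.alloc(12); b.writeUInt32BE(n, 8); return b; };
// AES-CCM transport: seal() encrypts and authenticates a frame; unseal() returns null on failure.
function seal(key, counter, plaintext) {
  const c = crypto.createCipheriv('aes-128-ccm', key, nonceFor(counter), { authTagLength: 16 });
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { counter, ct, tag: c.getAuthTag() };
}
function unseal(key, frame) {
  try {
    const d = crypto.createDecipheriv('aes-128-ccm', key, nonceFor(frame.counter), { authTagLength: 16 });
    d.setAuthTag(frame.tag);
    const pt = d.update(frame.ct);
    d.final(); // throws when the tag does not verify
    return pt;
  } catch { return null; }
}
function demo() {
  // Constructed values: "shared" stands in for the key built into sensor and enclave.
  const [shared, sensorRand, enclaveRand] = [0, 1, 2].map(() => crypto.randomBytes(16));
  const toEnclave = wrapKey(shared, sensorRand), toSensor = wrapKey(shared, enclaveRand);
  const sensorKey = deriveSession(sensorRand, unwrapKey(shared, toSensor));
  const enclaveKey = deriveSession(unwrapKey(shared, toEnclave), enclaveRand);
  const frame = seal(sensorKey, 1, Buffer.from('constructed scan bytes'));
  const altered = { ...frame, ct: Buffer.from(frame.ct.map((b, i) => (i === 0 ? b ^ 1 : b))) };
  return {
    keysAgree: sensorKey.equals(enclaveKey),
    enclaveReads: unseal(enclaveKey, frame).toString(),
    relayUnwrap: unwrapKey(crypto.randomBytes(16), toEnclave), // relay has no shared key
    alteredOpen: unseal(enclaveKey, altered), // one bit flipped while being forwarded
  };
}
console.log(demo());
```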

So how does Touch ID function when unlocking your iPhone?

On devices with an A7 processor, the Secure Enclave holds the cryptographic class keys for Data Protection. When a device locks, the keys for Data Protection class Complete are discarded, and files and keychain items in that class are inaccessible until the user unlocks the device by entering their passcode.

On iPhone 5s with Touch ID turned on, the keys are not discarded when the device locks; instead, they’re wrapped with a key that is given to the Touch ID subsystem. When a user attempts to unlock the device, if Touch ID recognizes the user’s fingerprint, it provides the key for unwrapping the Data Protection keys and the device is unlocked. This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device.

The decrypted class keys are only held in memory, so they’re lost if the device is rebooted. Additionally, as previously described, the Secure Enclave will discard the keys after 48 hours or 5 failed Touch ID recognition attempts.

This hardly touches on the entire document, which isn’t limited to Touch ID but covers all the security features of iOS. If this kind of thing interests you, it is recommended that you check out the entire document.
