Information Security Specialist Hacked Apple Secure Enclave Cryptographic Protection
It recently became known that an information security specialist who goes by the nickname xerub was able to gain access to the Secure Enclave protection. The hacker has already published the corresponding decryption key, with which other experts will be able to study in detail how the cryptographic protection of Apple devices works. "Anyone can now view and poke into SEP," said xerub.
Apple has not yet confirmed the authenticity of the key published by the hacker. However, company representatives have already stated that even if it is authentic, the data of users of the company's devices will not be at risk.
Secure Enclave is a technology that is part of the processor of devices equipped with a Touch ID sensor. The sensor itself does not store any fingerprint images. Instead, it retains their mathematical representations. According to Apple representatives, a real image of the print cannot be recovered from the mathematical representation. But to rule out even the slightest chance of an outsider doing so, the company created Secure Enclave. All fingerprint data is encrypted and protected by a key that is available only to Secure Enclave. The data is used only by this system to check whether a fingerprint matches the stored data. The system is separated from the rest of the processor and from the operating system itself. So the data that is in the repository cannot be used by iOS or any other programs, is not stored on Apple servers, and is not copied to iCloud or other repositories.
Other information security experts are convinced that getting access to Secure Enclave does make Apple devices vulnerable to attackers, whatever Apple says. "I hope Apple will work to increase user protection, since it's already impossible to hide SEP," said xerub.
Unfortunately, he did not disclose the methods used to decrypt the security key. Nor did he say anything about whether any vulnerabilities were found in the SEP system or not.
"In my opinion, there is nothing terrible here," said Patrick Wardle, head of cybersecurity at Synack and founder of Objective-See. "This only means that information specialists and, yes, hackers will now be able to analyze the firmware for bugs. Previously, it was encrypted, so nothing could be done. But now the defense is less strong, so that outsiders will be able to analyze the software."
The question of whether xerub can in any way use the decryption key to exploit any vulnerabilities (if they exist) remains open. In addition, another important question is whether Apple can solve the problem and develop a new encryption key for Secure Enclave.
Until now, there was not much information about this technology. The company talked about it, but did not disclose the main details. Last year, a group of cyber security experts presented a report on this protection. The experts have learned a lot, but much has remained hidden. Now there is no mystery anymore. It remains to wait for the reaction of Apple and further actions of both the company and third-party specialists, including hackers.
Touch ID first appeared in the iPhone 5S and iPad Air 2. With a fingerprint, users can not only unlock their phones, but also confirm transactions in various programs, including Apple Pay, Apple App Store, iBooks, and other applications.
And a little more about hacking
Apple's problems do not end there. Another group of specialists was able to find a new way to bypass the protection of password-locked phones. This method of hacking was shown by the author of the YouTube channel EverythingApplePro.
The method is based on enumerating PIN code options, and it works in recovery mode, where the limit on the number of password entry attempts does not apply. It takes about 20 hours to find a 4-character code. That is not much, considering that guessing a password was impossible before. In general, Apple will have to try to solve all the problems with the security of its devices.