Following the controversy about the encryption flaw on Macs, Apple published a security white paper discussing its Touch ID system and related features. The paper offers a better understanding of how the company secures its devices, including the "Secure Enclave" in the A7 SoC. A deeper look at the system in Apple's iPhone 5s should give a sneak peek at what people can expect from the upcoming iPhone 6. Can Apple ensure a secure iPhone 6?
The white paper covers a number of Apple software security protocols and iOS hardware features. Apple decided to detail the latest information about how the Secure Enclave and Touch ID work together to protect user data. The white paper was first reported by TechCrunch and is posted on Apple's "iPhone in Business" website.
The paper notes that the A7 Secure Enclave functions as a coprocessor included in Apple's newest system-on-a-chip design. The component has its own software update mechanism and secure boot sequence, separate from those of the application processor. It also handles "all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised." According to the document:
"Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave's portion of the device's memory space."
"Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter."
Apple also explained how the unlocking mechanism in the iPhone 5s works. Although the method differs somewhat, it relies on similar confidentiality and Data Protection key mechanisms:
"On iPhone 5s with Touch ID turned on, the keys are not discarded when the device locks; instead, they're wrapped with a key that is given to the Touch ID subsystem. When a user attempts to unlock the device, if Touch ID recognizes the user's fingerprint, it provides the key for unwrapping the Data Protection keys and the device is unlocked. This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device."
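To make the wrap-on-lock, unwrap-on-match flow concrete, here is an added model of that process in Python; it is not Apple's code, and the HMAC-based wrap routine, key sizes and the `Device` class are constructed stand-ins for the hardware's own key wrapping (assumed, not taken from the white paper).

```python
import hmac, hashlib, secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed model: 32-byte keys, so one HMAC-SHA256 output is a full keystream.
def _derive(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def wrap_key(wrapping_key: bytes, plaintext_key: bytes) -> bytes:
    """Encrypt-then-MAC a 32-byte key (stand-in for the hardware key wrap)."""
    assert len(plaintext_key) == 32
    nonce = secrets.token_bytes(16)
    ks = _derive(wrapping_key, b"enc" + nonce)
    ct = bytes(a ^ b for a, b in zip(plaintext_key, ks))
    tag = _derive(wrapping_key, b"mac" + nonce + ct)
    return nonce + ct + tag

def unwrap_key(wrapping_key: bytes, blob: bytes) -> Optional[bytes]:
    """Return the key, or None if the tag fails (wrong key or tampered blob)."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _derive(wrapping_key, b"mac" + nonce + ct)):
        return None
    ks = _derive(wrapping_key, b"enc" + nonce)
    return bytes(a ^ b for a, b in zip(ct, ks))

@dataclass
class Device:
    enrolled_print: bytes                       # constructed stand-in for a fingerprint template
    touch_id_key: bytes = field(default_factory=lambda: secrets.token_bytes(32))  # held by Touch ID
    class_key: Optional[bytes] = field(default_factory=lambda: secrets.token_bytes(32))  # Data Protection key, present while unlocked
    wrapped_class_key: Optional[bytes] = None

    def lock(self) -> None:
        # With Touch ID on, the key is wrapped with the Touch ID key instead of discarded.
        self.wrapped_class_key = wrap_key(self.touch_id_key, self.class_key)
        self.class_key = None

    def unlock_with_fingerprint(self, candidate: bytes) -> bool:
        # Touch ID releases its key only on a match; Data Protection then unwraps.
        if not hmac.compare_digest(candidate, self.enrolled_print):
            return False
        key = unwrap_key(self.touch_id_key, self.wrapped_class_key)
        if key is None:
            return False
        self.class_key = key
        return True
```

Neither subsystem alone can restore the class key: the wrapped blob is useless without the Touch ID key, and the Touch ID key is only released on a fingerprint match.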
This should give some insight into what Apple has been building on for its devices, and an overview of how security may work on the iPhone 6. People will have to wait for more announcements.