Apple’s Secure Enclave Processor (SEP) Firmware Decrypted (opens in new tab)

(hackaday.com)

230 pointswonderous8y ago36 comments

36 comments

21 comments · 8 top-level

LeoPanthera8y ago· 5 in thread

August 18, 2017

Also, don't be mislead by the headline. To quote a comment on the article:

"Imagine the Secure Enclave as a vault. Apple hung a big, dark curtain over it to prevent anyone from even seeing the vault. Now, that curtain has been opened and people can see the vault. The vault, however, is still locked as securely as ever."

wonderousOP8y ago

Maybe for a casual reader, but nothing is misleading about the headline unless you don’t understand how Apple’s Secure Enclave Processor (SEP) works.

For more on that, as mentioned in the linked page, there’s the “Demystifying the Secure Enclave Processor” talk from Blackhat:

https://www.youtube.com/watch?v=7UNeUT_sRos

Or here’s the PDF:

https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

rubyfan8y ago

> unless you don’t understand how Apple’s Secure Enclave Processor (SEP) works.

So basically it’s only misleading to 99.9999% of people?

2 more replies

c228y ago

Isn't it more like getting the plans to the vault?

runeks8y ago

It’s more like acquiring knowledge of the mechanics of a safe dial lock: if the mechanism exposes a safe interface, it doesn’t matter. Only if there’s a flaw in the inner workings of the lock, that an attacker can exploit from the outside, does it pose a problem.

1 more reply

slim8y ago

Actually the sentence you've chosen is misleading. This is the essential step towards breaking the iPhone open. The next steps will be less news worthy, til we get a jail break

nateberkopec8y ago· 4 in thread

The link makes it sound like SEP only handles TouchID - is this true, or does the SEP also deal with passcodes?

ikawe8y ago

It does more than that.

From the [ios security guide]:

> The Secure Enclave provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised.

e.g. you can encrypt and decrypt, referencing a key by id, but without having the private key ever leave the enclave, even if the app or iOS kernel gets compromised.

[ios security guide] https://www.apple.com/business/docs/iOS_Security_Guide.pdf

The Secure Enclave section is pretty short and the entire document is very approachable.

DennisP8y ago

Sounds like basically what a cryptocurrency hardware wallet does.

Several months ago I saw a project making wallet software that used the enclave. I forget who they were but I think they'll have a hard sell; everyone just reflexively assumed it was insecure because it was on a phone.

3 more replies

userbinator8y ago

That sounds like what's essentially a TPM.

1 more reply

iancarroll8y ago

The SEP also deals with passcodes, yes. It is integral to preventing the passcode from being brute forced.

abalone8y ago· 3 in thread

> It’s a black box that we’re not supposed to know anything about

Nope. Apple published a whitepaper that details how the SEP works.[1] Decrypting the firmware does help researchers look for vulnerabilities in the implementation, but it's not like Apple is relying on it being a black box.

[1] https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Cyph0n8y ago

Can you point out the section in that whitepaper that describes SEP in detail? Because all I see is a high-level marketing document.

abalone8y ago

Says the PhD candidate in hardware security. You may want more low-level details but it's inaccurate characterize it as "marketing". That's just snark. It presents numerous details on the implementation of the SEP throughout the document.

1 more reply

johneth8y ago

There's a video of a presentation by Ivan Krstic (head of security engineering, Apple) at Black Hat from 2016 about iOS security: https://www.youtube.com/watch?v=BLGFriOKz6U

runeks8y ago· 1 in thread

This is interesting. I hope Apple has some hefty bug bounties on SEP vulnerabilities. I also hope Apple has chosen a sensibly safe language for the SEP firmware code, since correctness is of essential importance here.

tyingq8y ago

See this blackhat paper for some detail. https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

runesoerensen8y ago

Previously discussed here https://news.ycombinator.com/item?id=15039460

LeonM8y ago

How does one find such a key? It's my understanding the brute forcing such key would take billions of years on a regular CPU, so can anyone here explain how this was (probably) achieved?

hendersoon8y ago

This was actually cracked back in August, and sites quoted Apple as saying they have no plans to fix it, presumably because obscurity is not security and they originally encrypted it because well, why _not_?

Ultimately there will be some exposure from this, and they'll address each exploit as it comes just like the rest of the system.

log788y ago

This article is extremely misleading to most people

j / k navigate · click thread line to collapse

36 comments

21 comments · 8 top-level

LeoPanthera8y ago· 5 in thread

August 18, 2017

Also, don't be mislead by the headline. To quote a comment on the article:

wonderousOP8y ago

Maybe for a casual reader, but nothing is misleading about the headline unless you don’t understand how Apple’s Secure Enclave Processor (SEP) works.

For more on that, as mentioned in the linked page, there’s the “Demystifying the Secure Enclave Processor” talk from Blackhat:

https://www.youtube.com/watch?v=7UNeUT_sRos

Or here’s the PDF:

https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

rubyfan8y ago

> unless you don’t understand how Apple’s Secure Enclave Processor (SEP) works.

So basically it’s only misleading to 99.9999% of people?

2 more replies

c228y ago

Isn't it more like getting the plans to the vault?

runeks8y ago

1 more reply

slim8y ago

Actually the sentence you've chosen is misleading. This is the essential step towards breaking the iPhone open. The next steps will be less news worthy, til we get a jail break

nateberkopec8y ago· 4 in thread

The link makes it sound like SEP only handles TouchID - is this true, or does the SEP also deal with passcodes?

ikawe8y ago

It does more than that.

From the [ios security guide]:

> The Secure Enclave provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised.

e.g. you can encrypt and decrypt, referencing a key by id, but without having the private key ever leave the enclave, even if the app or iOS kernel gets compromised.

[ios security guide] https://www.apple.com/business/docs/iOS_Security_Guide.pdf

The Secure Enclave section is pretty short and the entire document is very approachable.

DennisP8y ago

Sounds like basically what a cryptocurrency hardware wallet does.

3 more replies

userbinator8y ago

That sounds like what's essentially a TPM.

1 more reply

iancarroll8y ago

The SEP also deals with passcodes, yes. It is integral to preventing the passcode from being brute forced.

abalone8y ago· 3 in thread

> It’s a black box that we’re not supposed to know anything about

[1] https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Cyph0n8y ago

Can you point out the section in that whitepaper that describes SEP in detail? Because all I see is a high-level marketing document.

abalone8y ago

1 more reply

johneth8y ago

There's a video of a presentation by Ivan Krstic (head of security engineering, Apple) at Black Hat from 2016 about iOS security: https://www.youtube.com/watch?v=BLGFriOKz6U

runeks8y ago· 1 in thread

tyingq8y ago

See this blackhat paper for some detail. https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-De...

runesoerensen8y ago

Previously discussed here https://news.ycombinator.com/item?id=15039460

LeonM8y ago

How does one find such a key? It's my understanding the brute forcing such key would take billions of years on a regular CPU, so can anyone here explain how this was (probably) achieved?

hendersoon8y ago

Ultimately there will be some exposure from this, and they'll address each exploit as it comes just like the rest of the system.

log788y ago

This article is extremely misleading to most people

j / k navigate · click thread line to collapse