iOS Security: Data Protection
January 17, Tokyo iOS Meetup
What is it? Data Protection is a feature that protects data “at rest” (on the device's flash storage) and makes offline attacks on that storage difficult.
iOS 4 Data Protection 101, https://media.blackhat.com/bh-us-11/Belenko/BH_US_11_Belenko_iOS_Forensics_WP.pdf
Architecture
iOS Security, October 2014, https://www.apple.com/privacy/docs/iOS_Security_Guide_Oct_2014.pdf
Data Protection classes
Class keys are the encryption keys that protect files and keychain items according to their protection class: each file's per-file key (and each keychain item's key) is wrapped with the key of the class it was assigned, so the class decides when the data is readable.
Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It, by Jonathan Zdziarski
Data Protection classes - NSFileProtectionComplete
The class key is protected with a key derived from the user passcode and the device UID. Shortly after the device is locked, the decrypted class key is discarded, rendering all data in this class inaccessible until the device is unlocked.
UID: an AES 256-bit key fused into the application processor during manufacturing. It is unique to each device and is not recorded by Apple or any of its suppliers, so a passcode brute force has to run on the device itself.
Data Protection classes - NSFileProtectionCompleteUnlessOpen
The per-file key is accessible while the file is open; as soon as the file is closed, the per-file key is discarded.
Used to write files while the device is locked, e.g., downloading a file in the background. A file that is already open when the device locks can still be read and written until it is closed.
Uses ECDH. Why? Elliptic-curve keys give higher security per bit than RSA-style keys of the same length, and the operations need fewer resources (smaller keys, less computation), which matters on a phone that does this for every file written while locked.
How: the class has a public/private key pair. While the device is locked only the public key is present. Creating a file generates an ephemeral key pair, derives a shared secret from the ephemeral private key and the class public key, and uses it to wrap the per-file key; the ephemeral public key is kept in the file's metadata. After unlock, the class private key and that stored public key recompute the same shared secret, so the per-file key can be unwrapped.
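The exchange described above, as an added example that is not part of the talk or of Apple's code: a pure-Python X25519 (RFC 7748 Montgomery ladder, chosen so the example runs offline) stands in for the curve iOS uses, and the per-file key is wrapped by XOR with a SHA-256-derived key as a stand-in for the AES key wrap. The class private key being absent while locked is modelled simply by not passing it to `create_file_while_locked`. Key sizes, the `b"file-wrap"` label and the function names are assumptions of this example.

```python
"""NSFileProtectionCompleteUnlessOpen key wrapping, modelled with X25519 (added example)."""
import hashlib
import os

# --- X25519 per RFC 7748, pure Python so the example runs without extra libraries ---
P = 2**255 - 19
A24 = 121665
BASE_POINT = (9).to_bytes(32, "little")


def _clamp(scalar: bytes) -> int:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, u_point: bytes) -> bytes:
    """Scalar multiplication on Curve25519 (Montgomery ladder with conditional swaps)."""
    k = _clamp(scalar)
    u = bytearray(u_point)
    u[31] &= 127                                  # mask the unused top bit of the u-coordinate
    x1 = int.from_bytes(u, "little") % P
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


# --- the Data Protection part ---
def _wrap_key_from(shared: bytes) -> bytes:
    # Assumption: SHA-256 of the shared secret stands in for the real wrapping-key derivation.
    return hashlib.sha256(b"file-wrap" + shared).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def create_file_while_locked(class_public: bytes, per_file_key: bytes) -> dict:
    """Device locked: only the class *public* key exists, yet a new file can still be protected."""
    eph_private = os.urandom(32)
    eph_public = x25519(eph_private, BASE_POINT)
    shared = x25519(eph_private, class_public)
    wrapped = _xor(per_file_key, _wrap_key_from(shared))
    del eph_private, shared          # discarded when the file is closed; nothing left to steal
    # The metadata keeps the ephemeral public key so the wrap can be undone after unlock.
    return {"eph_public": eph_public, "wrapped_key": wrapped}


def open_file_after_unlock(class_private: bytes, metadata: dict) -> bytes:
    """Device unlocked: class private key + stored ephemeral public key give the same secret."""
    shared = x25519(class_private, metadata["eph_public"])
    return _xor(metadata["wrapped_key"], _wrap_key_from(shared))


def demo_unless_open() -> bool:
    class_private = os.urandom(32)
    class_public = x25519(class_private, BASE_POINT)
    per_file_key = os.urandom(32)                 # constructed sample per-file key
    meta = create_file_while_locked(class_public, per_file_key)
    # Holding only what is on flash (metadata + class public key) does not recover the key...
    attacker_guess = open_file_after_unlock(os.urandom(32), meta)
    # ...but the unlocked device does.
    recovered = open_file_after_unlock(class_private, meta)
    return recovered == per_file_key and attacker_guess != per_file_key


if __name__ == "__main__":
    print("round trip ok:", demo_unless_open())
```

The point to notice is the asymmetry: writing needs only public material, so it can happen while locked, while reading needs the class private key, which is exactly what the lock discards. The real implementation additionally authenticates the wrapped key (AES key wrap); the XOR here is only to keep the example dependency-free.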
Data Protection classes - NSFileProtectionCompleteUntilFirstUserAuthentication
Same as NSFileProtectionComplete, except that the class key, once unwrapped at the first unlock after boot, remains in memory while the device is locked. The data is therefore only protected until the user first enters the passcode, i.e. against a device that is seized powered off or rebooted.
Data Protection classes - NSFileProtectionNone
The class key is protected only with the UID. The data is readable whenever the device is running, locked or not; the UID only prevents the flash from being decrypted on a different device.
How it works?
● Hierarchy of cryptographic keys
● File system support (each file carries its own wrapped per-file key in its metadata)
● AES engine (hardware; the UID is only usable through it)
How it works? - Why a hierarchy?
Flexibility and performance
● Changing the passcode just rewraps the class keys; no file is re-encrypted
● Wiping the device is just deleting the system key; the wrapped per-file keys become unreadable, so no file needs to be overwritten
How it works? - Creating a file
1. A new random per-file key is generated.
2. The AES engine computes encrypt(file, perFileKey) and the encrypted file is written to storage.
3. The per-file key is wrapped with the class key of the file's protection class and stored in the file's metadata.
How it works? - Reading a file
1. The file's metadata is read; it is protected with the system key and holds the wrapped per-file key and the file's class.
2. The class key unwraps the per-file key. This only works if that class key is currently available, e.g. for NSFileProtectionComplete only while the device is unlocked.
3. The AES engine computes decrypt(file, perFileKey) and returns the file.
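The hierarchy from the "Why a hierarchy?" slide and the create/read flows above, as one added example that is not the talk's or Apple's code. Labelled assumptions: the AES engine is stood in for by XOR with an HMAC-SHA256 counter keystream (`_xor_crypt`, used both for files and for key wrapping); the passcode key is PBKDF2(passcode, UID), whereas iOS tangles the passcode with the UID inside the AES engine; only NSFileProtectionComplete and NSFileProtectionNone are modelled; the check value used to reject a wrong passcode, the nonces and all names are this example's own.

```python
"""Data Protection key hierarchy: lock, passcode change (rewrap only), wipe (system key gone)."""
import hashlib
import hmac
import os

COMPLETE, NONE = "NSFileProtectionComplete", "NSFileProtectionNone"


def _xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy cipher standing in for AES: keystream = HMAC(key, nonce||counter); same call decrypts."""
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class Device:
    def __init__(self, passcode: str):
        self.uid = os.urandom(32)          # fused into the application processor; never leaves it
        self.system_key = os.urandom(32)   # file-system key protecting all metadata; wipe deletes it
        self.files = {}                    # path -> (file_nonce, ciphertext, meta_nonce, enc_metadata)
        self._unlocked = {}                # class keys currently decrypted in memory
        complete_key, none_key = os.urandom(32), os.urandom(32)
        self._check = hashlib.sha256(complete_key).digest()   # assumption: lets unlock() reject a wrong passcode
        self._wrapped = {                  # class keys at rest: wrapped by passcode+UID, or by the UID alone
            COMPLETE: _xor_crypt(self._passcode_key(passcode), b"class", complete_key),
            NONE: _xor_crypt(self.uid, b"class", none_key),
        }
        self.unlock(passcode)

    def _passcode_key(self, passcode: str) -> bytes:
        # Tangling with the UID means the passcode can only be brute-forced on this device.
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self.uid, 10_000)

    def unlock(self, passcode: str) -> bool:
        complete_key = _xor_crypt(self._passcode_key(passcode), b"class", self._wrapped[COMPLETE])
        if hashlib.sha256(complete_key).digest() != self._check:
            return False
        self._unlocked[COMPLETE] = complete_key
        self._unlocked[NONE] = _xor_crypt(self.uid, b"class", self._wrapped[NONE])
        return True

    def lock(self) -> None:
        self._unlocked.pop(COMPLETE, None)   # Complete key discarded shortly after lock; None stays usable

    def change_passcode(self, old: str, new: str) -> bool:
        # Only the wrapped class key is rewritten; no file or per-file key is touched.
        complete_key = _xor_crypt(self._passcode_key(old), b"class", self._wrapped[COMPLETE])
        if hashlib.sha256(complete_key).digest() != self._check:
            return False
        self._wrapped[COMPLETE] = _xor_crypt(self._passcode_key(new), b"class", complete_key)
        return True

    def wipe(self) -> None:
        self.system_key = None   # every wrapped per-file key is now unreadable; no file is overwritten

    def write(self, path: str, data: bytes, protection: str) -> None:
        class_key = self._unlocked[protection]   # KeyError: this class key is not available right now
        per_file_key, file_nonce, wrap_nonce, meta_nonce = (os.urandom(n) for n in (32, 16, 16, 16))
        ciphertext = _xor_crypt(per_file_key, file_nonce, data)                    # encrypt(file, perFileKey)
        metadata = wrap_nonce + _xor_crypt(class_key, wrap_nonce, per_file_key) + protection.encode()
        self.files[path] = (file_nonce, ciphertext, meta_nonce,
                            _xor_crypt(self.system_key, meta_nonce, metadata))

    def read(self, path: str) -> bytes:
        if self.system_key is None:
            raise PermissionError("device wiped: metadata can no longer be decrypted")
        file_nonce, ciphertext, meta_nonce, enc_meta = self.files[path]
        meta = _xor_crypt(self.system_key, meta_nonce, enc_meta)
        wrap_nonce, wrapped, protection = meta[:16], meta[16:48], meta[48:].decode()
        per_file_key = _xor_crypt(self._unlocked[protection], wrap_nonce, wrapped)   # KeyError if locked
        return _xor_crypt(per_file_key, file_nonce, ciphertext)                      # decrypt(file, perFileKey)


def demo_hierarchy() -> dict:
    """Walk the lifecycle on constructed sample files and report what was readable when."""
    d = Device("1234")
    d.write("mail.db", b"constructed sample: cached mail", COMPLETE)
    d.write("cache.bin", b"constructed sample: public cache", NONE)
    out = {"unlocked": d.read("mail.db"), "wrong_passcode": d.unlock("0000")}
    d.lock()
    try:
        d.read("mail.db")
        out["locked_complete"] = "readable"
    except KeyError:
        out["locked_complete"] = "unavailable"
    out["locked_none"] = d.read("cache.bin")
    out["rewrapped"] = d.change_passcode("1234", "5678") and d.unlock("5678")
    out["after_rewrap"] = d.read("mail.db")      # same ciphertext, never re-encrypted
    d.wipe()
    try:
        d.read("cache.bin")
        out["wiped"] = "readable"
    except PermissionError:
        out["wiped"] = "unreadable"
    return out


if __name__ == "__main__":
    print(demo_hierarchy())
```

Two things the walk-through makes visible that the diagrams do not: `change_passcode` touches only the 32 wrapped bytes of one class key, and `wipe` makes even the NSFileProtectionNone file unreadable although its class key is still derivable from the UID, because the metadata holding its wrapped per-file key went with the system key.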
Keychain and Data Protection
The keychain is implemented as a SQLite database stored on the file system.
There is only one database; the security daemon determines which keychain items each process or app can access.
Keychain items carry their own accessibility attribute (kSecAttrAccessible), whose values mirror the file protection classes. The talk gives kSecAttrAccessibleAfterFirstUnlock as the default; do not rely on the default either way, and set the attribute explicitly on every item.
I recommend using kSecAttrAccessibleWhenUnlocked as the default and only changing it for individual items that are needed in the background.
NSMutableDictionary *attributes = [[NSMutableDictionary alloc] init];
//...
// Item is usable only while the device is unlocked.
[attributes setObject:(__bridge id)kSecAttrAccessibleWhenUnlocked
               forKey:(__bridge id)kSecAttrAccessible];
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)attributes, NULL);
What if data protection is not used?
Demo: install the Gmail app, read some emails, lock the device (non-jailbroken), then browse the device's file system from a paired computer (iFunBox, Xcode).
Result: the app's data can be browsed while the device is locked, because files without a protection class (NSFileProtectionNone) are never locked; the lock screen protects nothing the app did not ask to have protected.
How to enable Data Protection in our apps?
Simple!
Xcode: turn on the Data Protection capability for the target. Xcode records it in project.pbxproj:
9C201A441827FB6F60CC6872 = {
    DevelopmentTeam = 9XFDAR3CTM;
    SystemCapabilities = {
        com.apple.DataProtection = {
            enabled = 1;
        };
    };
};
App ID: the capability must also be enabled on the App ID in the developer portal, so that the provisioning profile carries the Data Protection entitlement (com.apple.developer.default-data-protection). With it, files the app creates default to NSFileProtectionComplete; anything that must be written or read in the background (a background download, a database opened by a background fetch) needs a weaker class set explicitly, and those exceptions are what to review.
Sum up
● What is data protection
● How it works
● What is the keychain?
● What if data protection is not used?
● How to enable it in our apps
Q&A, Discussion
Further reading
● iOS Security https://www.apple.com/privacy/docs/iOS_Security_Guide_Oct_2014.pdf
● iOS 4 DATA PROTECTION 101 https://media.blackhat.com/bh-us-11/Belenko/BH_US_11_Belenko_iOS_Forensics_WP.pdf
● Hacking and Securing iOS Applications Stealing Data, Hijacking Software, and How to Prevent it http://www.amazon.co.jp/Hacking-Securing-iOS-Applications-Hijacking/dp/1449318746/ref=sr_1_1?ie=UTF8&qid=1420987300&sr=8-1&tag=tabisty-22&keywords=Hacking+and+Securing+iOS+Applications+Stealing+Data%2C+Hijacking+Software%2C+and+How+to+Prevent+It
● Diffie-Hellman key exchange http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
● A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography http://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/