Hacker Releases iPhone 5s Secure Enclave Decryption Keys
A hacker has claimed to have “hacked” into iPhone’s Secure Enclave. Going by the online moniker of Xerub, the security researcher has released what he claims to be a full decryption key for the Secure Enclave Processor (SEP) for Touch ID.
Apple introduced Touch ID with its iPhone 5s, and since then the company has taken user security to the next level. Secure Enclave is a coprocessor embedded in the device that runs completely on its own with its own operating system. Keeping all things security in a separate coprocessor prevents the primary chip from accessing any sensitive data. The coprocessor has its own operating system (SEPOS), which includes a kernel, drivers, and applications.
By releasing the decryption key, Xerub has essentially started a conversation about the security of this so-called unhackable part of iPhone. “The fact that [SEP] was hidden behind a key worries me,” Xerub told TechRepublic. “Is Apple not confident enough to push SEP decrypted as they did with kernels past iOS 10?”
Apple’s Secure Enclave uses encrypted memory and a hardware random number generator to provide “all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised.”
The Secure Enclave runs an Apple-customized version of the L4 microkernel family. The Secure Enclave utilizes its own secure boot and can be updated using a personalized software update process that is separate from the application processor. On A9 or later A-series processors, the chip securely generates the UID (Unique ID). This UID is still unknown to Apple and other parts of the system.
As Apple describes it, UID is key to Secure Enclave, which is then further entangled with an ephemeral key that is generated when an iPhone boots up. Secure Enclave’s memory is authenticated with this ephemeral key. When the Touch ID is pressed, processor forwards the data to Secure Enclave without reading it. “It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is provisioned for the Touch ID sensor and the Secure Enclave,” Apple writes.
Xerub has now claimed that the iPhone 5s decryption key “is fully grown,” and you can use img4lib to decrypt the firmware and use Xerub’s SEP firmware split tool to process. This release means that anyone with the right expertise can use the img4lib to decrypt SEPOS that powers the Secure Enclave. If this key is indeed correct, it could prove to be a major blow to iOS security since it’s responsible for processing Touch ID transactions. It should be noted, however, that this is not as much of a “hack” of Secure Enclave as it is a release of firmware that will give more people a peek into SEPOS.
“I think public scrutiny will add to the security of SEP in the long run,” Xerub said, noting that he hasn’t hacked into the Secure Enclave but his releasing of decryption key will help researchers (and attackers) to poke into the software and hopefully help Apple make it more secure.