Hacker Releases Firmware Decryption Key for Apple's Secure Enclave

Friday August 18, 2017 4:29 AM PDT by Tim Hardwick
A hacker released what he claimed to be a firmware decryption key for Apple's Secure Enclave on Thursday, initially sparking fears that iOS security had been compromised.

Apple's Secure Enclave Processor (SEP) handles all cryptographic operations for the Apple Watch Series 2, the A7 processor that powers the iPhone 5s, the iPad Air, the iPad mini 2 and 3, and subsequent A-series chips. The encrypted SEP is completely isolated from the rest of the system and handles Touch ID transactions, password verifications, and other security processes on a separate OS to maintain data protection integrity even if the kernel has been compromised.

One of the ways the SEP does this is by generating a Unique ID (UID) for each device for authentication purposes. The UID automatically changes every time a device is rebooted and remains unknown to other parts of the system, further enhancing its security.

Beyond that, little is known about how the SEP actually works outside of Apple, but that's by design – the enclave's isolation serves to obfuscate it from the rest of the system, preventing hackers from rifling through its code to make it as secure as possible.


The decryption key posted on GitHub yesterday would not enable hackers to access data stored inside the Secure Enclave, but it could allow hackers and security researchers to decrypt the firmware that controls it and potentially spot weaknesses in the code.

Speaking to TechRepublic, the hacker that released the key claimed that Apple's effort to obfuscate the code was itself cause for concern.
"The fact that the SEP was hidden behind a key worries me," said xerub. "Is Apple not confident enough to push SEP decrypted as they did with kernels past iOS 10?" He added that while SEP is amazing tech the fact that it's a "black box" adds very little, if anything to security. "Obscurity helps security — I'm not denying that," he said, but added that relying on it for security isn't a good idea.

"I think public scrutiny will add to the security of SEP in the long run," xerub said, noting that was also his intention with releasing the key.
Xerub claimed it's theoretically possible that the decryption key could be used to watch the SEP do its work, which could potentially allow hackers to reverse-engineer its process and gain access to its contents, including passwords and fingerprint data. However, he admitted that a lot of additional work would need to go into exploiting the decrypted firmware.

It's still unclear what the longer term repercussions could be, but an Apple source who wished to remain anonymous told TechRepublic that the release of the SEP key doesn't directly compromise customer data.
"There are a lot of layers of security involved in the SEP, and access to firmware in no way provides access to data protection class information," they said. "It's not an easy leap to say it would make getting at customer data possible."
More accurately, it makes research into the structure of the SEP possible, which could allow hackers to find flaws in its workings. Apple said it did not plan to roll out a fix at this time.

Tags: security, Apple security
62 comments


Top Rated Comments

(View all)
Avatar
RichTF
24 months ago
This is why good security generally involves lots of layers, the "onion" strategy. Getting past one layer is a problem, but not one that (in isolation) is a meaningful security breach.

Another way to think of it — The SEP came out with the iPhone 5s 4 years ago. So this encryption layer has prevented 4 years worth of hacking attempts on the deeper layers, which is time Apple has most likely been spending improving those layers. It might also be possible for Apple to re-apply this outer layer in subsequent iPhones, or maybe even with a firmware patch, thereby resetting the clock again.

So yeah, it's unfortunate that it's been hacked, but I still feel relaxed about my iPhone's security.
Rating: 19 Votes
Avatar
Kabeyun
24 months ago
As far as privacy and security go, I still sleep just fine at night in Apple's ecosystem.
Rating: 10 Votes
Avatar
apolloa
24 months ago
It's only a matter of time, but this is what you get when hackers and script kiddies are never jailed for their crimes, hack the defence networks oh sure jail you, hack a mass market consumer device or steal millions of people's details and passwords then you get a slapped wrist, and a nicely paid job in a security firm....
Rating: 7 Votes
Avatar
Northgrove
24 months ago

"Obscurity helps security — I'm not denying that," he said, but added that relying on it for security isn't a good idea.


No, it is not, but am I missing something here or is there no indication Apple is doing that? Just because they have now _added_ a layer of security doesn't imply that they're _relaxing_ another layer of security and not taking auditing their SEP code seriously?

I am absolutely certain that Apple's security experts have heard of the saying "Security through obscurity" and its fallacies... It is a fallacy to replace one with the other, but not use both in tandem.
Rating: 7 Votes
Avatar
rtomyj
24 months ago
Only going to help the users out but;

How does he criticize apple for obfuscation of the SEP (makes it hard to read) claiming that Apple doesn't have confidence in it being uncrypted like it's kernels but then adds that right now there's no way of knowing if obfuscation is the only form of security. How can you criticize obfuscation as Apples plan for hackers when you don't know if that's all they do....
Rating: 6 Votes
Avatar
thefourthpope
24 months ago

I'm going to go out on a limp and say . . .


Apropos of nothing, I love this typo.
Rating: 5 Votes
Avatar
Sunny1990
24 months ago

More accurately, it makes research into the structure of the SEP possible, which could allow hackers to find flaws in its workings. Apple said it did not plan to roll out a fix at this time.


Now that the firmware code is exposed it's open season on SEP vulnerabilities. Apple need to fix this Soon as possible
Rating: 5 Votes
Avatar
MrX8503
24 months ago
https://www.imore.com/youre-going-hear-lot-fud-about-apples-secure-enclave-being-hacked-it-wasnt

Your data is still encrypted and safe. Basically the vault was hidden and now it's revealed, but you still can't get into the vault.
Rating: 5 Votes
Avatar
Primejimbo
24 months ago

Is this why you should always update your iPhone? I have a 6s and I'm still on 9.3.5 I don't want to lose the music app.

You should ALWAYS keep you software up to date. You have many software bugs and security holes. A big on that was just patched with one of the recent updates (10.3.3) that would let an attacker crash your device over wifi:
http://www.techrepublic.com/article/every-ios-user-should-update-to-10-3-3-now-to-avoid-this-wi-fi-hack/

Here are all the security issues since 9.3.5
https://support.apple.com/en-ca/HT201222


What on earth does "don't want to lose the music app" even mean?

I don't get people all. They keep something that doesn't make sense then have updated security.
Rating: 4 Votes
Avatar
casperes1996
24 months ago
Whilst we would have no way of knowing about the specific algorithmic methods with which the SEP handles data, Apple has been quite open about how the security works still. I'm going to go out on a limp and say that there's no way anybody will figure out a way to get data that has been encrypted by the SEP without the passcode used to lock it. If anything, people might find a way to catch data in flight, but even then, how would you get your code that captures data onto an iOS device?
Rating: 2 Votes
[ Read All Comments ]