If you blog it they will come?

Friday, June 1, 2012

iOS Security Overview

I recently read Apple's iOS security overview which outlines the various security measures present on iOS devices.

It's a fairly short read at under 20 pages and it's great stuff to familiarize yourself with if you're developing on the platform. Here is a summary / some limited thoughts (I don't know much about security):

  • A lot of Apple's security measures are possible due to novel hardware solutions
    • The ARM processor's Execute Never which marks pages as non-executable
    • AES 256 crypto engine and SHA-1 are built into the file system and implemented in hardware, which drastically reduces the overhead of encrypting everything
    • Novel ways of wiping sensitive data that would otherwise linger in flash memory
    • UIDs are not readable by software or firmware, yet still used as input to crypto
A lock inside a lock inside a lock

  • The file system encryption is of an onion nature
    • File metadata is not available all the time. This is to restrict access when the device is locked or interrupted by a phone call, etc. and availability rules are described by a files' class
    • File metadata is encrypted. The file data itself is encrypted too, and that key is only available after decrypting the file metadata (that's right, each file has its own key)
    • Did I mention that the file class which points to the file's metadata is also encrypted? See image above
    • It's fast to remote wipe your device: just destroy the top level keys and nothing else on the filesystem is accessible
  • Every encryption/security algorithm I've heard of is deployed here (ok not ROT13):
    • Address space layout randomization
    • Lots of certificates to authenticate trusted code
    • Asymmetric elliptic curve cryptography (Curve25519)
    • Yarrow
    • PBKDF2
    • SSL, VPN, etc.
    • AES and SHA-1
    • escalating time delays: it'd take years to brute force a short password
  • I don't understand keybags yet
    • My eyes glazed over and it sounds too similar to teabags

No comments: