It's a fairly short read at under 20 pages and it's great stuff to familiarize yourself with if you're developing on the platform. Here is a summary / some limited thoughts (I don't know much about security):
- A lot of Apple's security measures are possible due to novel hardware solutions
- The ARM processor's Execute Never which marks pages as non-executable
- AES 256 crypto engine and SHA-1 are built into the file system and implemented in hardware, which drastically reduces the overhead of encrypting everything
- Novel ways of wiping sensitive data that would otherwise linger in flash memory
- UIDs are not readable by software or firmware, yet still used as input to crypto
A lock inside a lock inside a lock |
- The file system encryption is of an onion nature
- File metadata is not available all the time. This is to restrict access when the device is locked or interrupted by a phone call, etc. and availability rules are described by a files' class
- File metadata is encrypted. The file data itself is encrypted too, and that key is only available after decrypting the file metadata (that's right, each file has its own key)
- Did I mention that the file class which points to the file's metadata is also encrypted? See image above
- It's fast to remote wipe your device: just destroy the top level keys and nothing else on the filesystem is accessible
- Every encryption/security algorithm I've heard of is deployed here (ok not ROT13):
- Address space layout randomization
- Lots of certificates to authenticate trusted code
- Asymmetric elliptic curve cryptography (Curve25519)
- Yarrow
- PBKDF2
- SSL, VPN, etc.
- AES and SHA-1
- escalating time delays: it'd take years to brute force a short password
- I don't understand keybags yet
- My eyes glazed over and it sounds too similar to teabags
No comments:
Post a Comment