iOS Security: Data Protection (January 17, Tokyo iOS Meetup)
What is it? Data Protection is a feature that protects data "at rest" and makes offline attacks difficult. (iOS 4 Data Protection 101, https://media.blackhat.com/bh-us-11/Belenko/BH_US_11_Belenko_iOS_Forensics_WP.pdf)

Architecture: see iOS Security (Apple, October 2014), https://www.apple.com/privacy/docs/iOS_Security_Guide_Oct_2014.pdf
Data Protection classes
Class keys are encryption keys used to encrypt files and keychain elements, depending on their protection class. (Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It, by Jonathan Zdziarski)

NSFileProtectionComplete
The class key is protected with a key derived from the user passcode and the device UID. Shortly after the device is locked, the decrypted class key is discarded, rendering all data in this class inaccessible until the device is unlocked.
UID: an AES 256-bit key fused into the application processor during manufacturing. It is unique to each device and is not recorded by Apple or any of its suppliers.
NSFileProtectionCompleteUnlessOpen
The per-file key is accessible while the file is open; as soon as the file is closed, the per-file key is discarded. Used to write files while the device is locked, e.g., downloading a file in the background. Uses ECDH.
Why ECDH? Higher security (more security per bit) and fewer resources.
NSFileProtectionCompleteUntilFirstUserAuthentication
Same as NSFileProtectionComplete, but the key remains in memory after the device has been locked.

NSFileProtectionNone
The class key is protected only with the UID.
How does it work?
● Hierarchy of cryptographic keys
  - Why a hierarchy? Flexibility and performance:
    ● Changing the passcode just rewraps the class keys
    ● Wiping the device is just deleting the system key
● File system support
● AES engine (hardware)
How does it work? - Creating a file (diagram)
File -> encrypt(file, perFileKey) on the AES engine -> File encrypted
The per-file key is wrapped with the class key and stored in the file's metadata.
How does it work? - Reading a file (diagram)
System key -> Metadata -> Class key -> perFileKey
File encrypted -> decrypt(file, perFileKey) on the AES engine -> File
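The key hierarchy and the create/read flows above, modelled end to end as an added example (this is not code from the slides or from Apple). It uses CommonCrypto: the passcode key is derived with PBKDF2 salted by the UID, class and per-file keys are protected with RFC 3394 AES key wrap, and file contents go through AES-CBC as the "AES engine". Those primitives, the key sizes, the rounds count and the helper names (PasscodeKey, Wrap, Unwrap, AES) are assumptions of the example, not Apple's exact construction; the ECDH step used by NSFileProtectionCompleteUnlessOpen is not modelled.

```objc
// Added example: toy model of the iOS Data Protection key hierarchy.
// Simplifications (assumed, not Apple's real scheme): PBKDF2(passcode, salt = UID)
// stands in for the passcode/UID tangling; RFC 3394 key wrap protects keys;
// AES-CBC stands in for the hardware AES engine.
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <CommonCrypto/CommonCrypto.h>
#import <CommonCrypto/CommonKeyDerivation.h>
#import <CommonCrypto/CommonSymmetricKeywrap.h>

static NSData *RandomBytes(size_t n) {
    NSMutableData *d = [NSMutableData dataWithLength:n];
    SecRandomCopyBytes(kSecRandomDefault, n, d.mutableBytes);
    return d;
}

// Key derived from the user passcode and the device UID (UID as salt, so the
// result is tied to this device and cannot be computed off-device).
static NSData *PasscodeKey(NSString *passcode, NSData *uid) {
    NSMutableData *out = [NSMutableData dataWithLength:kCCKeySizeAES256];
    CCKeyDerivationPBKDF(kCCPBKDF2, passcode.UTF8String, strlen(passcode.UTF8String),
                         uid.bytes, uid.length, kCCPRFHmacAlgSHA256, 10000,
                         out.mutableBytes, out.length);
    return out;
}

// AES key wrap (RFC 3394): protect a key with a key-encryption key (KEK).
static NSData *Wrap(NSData *kek, NSData *key) {
    size_t len = CCSymmetricWrappedSize(kCCWRAPAES, key.length);
    NSMutableData *out = [NSMutableData dataWithLength:len];
    int rc = CCSymmetricKeyWrap(kCCWRAPAES, CCrfc3394_iv, CCrfc3394_ivLen,
                                kek.bytes, kek.length, key.bytes, key.length,
                                out.mutableBytes, &len);
    return rc == kCCSuccess ? out : nil;
}

// Unwrap fails (returns nil) when the KEK is wrong: the RFC 3394 IV check catches it.
static NSData *Unwrap(NSData *kek, NSData *wrapped) {
    size_t len = CCSymmetricUnwrappedSize(kCCWRAPAES, wrapped.length);
    NSMutableData *out = [NSMutableData dataWithLength:len];
    int rc = CCSymmetricKeyUnwrap(kCCWRAPAES, CCrfc3394_iv, CCrfc3394_ivLen,
                                  kek.bytes, kek.length, wrapped.bytes, wrapped.length,
                                  out.mutableBytes, &len);
    return rc == kCCSuccess ? out : nil;
}

// The "AES engine": encrypt or decrypt file contents with the per-file key.
static NSData *AES(CCOperation op, NSData *key, NSData *iv, NSData *in) {
    size_t outLen = 0;
    NSMutableData *out = [NSMutableData dataWithLength:in.length + kCCBlockSizeAES128];
    CCCryptorStatus rc = CCCrypt(op, kCCAlgorithmAES, kCCOptionPKCS7Padding,
                                 key.bytes, key.length, iv.bytes,
                                 in.bytes, in.length, out.mutableBytes, out.length, &outLen);
    if (rc != kCCSuccess) return nil;
    out.length = outLen;
    return out;
}

int main(void) {
    @autoreleasepool {
        NSData *uid = RandomBytes(kCCKeySizeAES256);   // fused into the SoC at manufacturing
        NSString *passcode = @"1234";                   // chosen by the user

        // System (file system) key and one NSFileProtectionComplete class key.
        NSData *systemKey = RandomBytes(kCCKeySizeAES256);
        NSData *classKey  = RandomBytes(kCCKeySizeAES256);
        NSData *wrappedClassKey = Wrap(PasscodeKey(passcode, uid), classKey);

        // Creating a file: fresh per-file key, encrypt contents, wrap the per-file
        // key with the class key and keep it in metadata protected by the system key.
        NSData *perFileKey = RandomBytes(kCCKeySizeAES256);
        NSData *iv = RandomBytes(kCCBlockSizeAES128);
        NSData *plain = [@"secret note" dataUsingEncoding:NSUTF8StringEncoding];
        NSData *encryptedFile = AES(kCCEncrypt, perFileKey, iv, plain);
        NSData *metadata = Wrap(systemKey, Wrap(classKey, perFileKey));

        // Reading while unlocked: system key -> metadata -> class key -> per-file key -> file.
        NSData *unlockedClassKey = Unwrap(PasscodeKey(passcode, uid), wrappedClassKey);
        NSData *k = Unwrap(unlockedClassKey, Unwrap(systemKey, metadata));
        NSData *readBack = AES(kCCDecrypt, k, iv, encryptedFile);
        NSLog(@"unlocked read: %@", [[NSString alloc] initWithData:readBack encoding:NSUTF8StringEncoding]);

        // Locked: the decrypted class key is discarded; only the wrapped copy is left,
        // and a wrong passcode cannot unwrap it (prints "(null)").
        unlockedClassKey = nil;
        NSLog(@"locked, wrong passcode: %@", Unwrap(PasscodeKey(@"0000", uid), wrappedClassKey));

        // Changing the passcode only rewraps the class key; file and metadata are untouched.
        wrappedClassKey = Wrap(PasscodeKey(@"9876", uid), classKey);
        k = Unwrap(Unwrap(PasscodeKey(@"9876", uid), wrappedClassKey), Unwrap(systemKey, metadata));
        NSLog(@"after passcode change: %@",
              [[NSString alloc] initWithData:AES(kCCDecrypt, k, iv, encryptedFile) encoding:NSUTF8StringEncoding]);

        // Wiping: delete the system key and no metadata, hence no per-file key, is recoverable.
        systemKey = nil;
    }
    return 0;
}
```

Build on a Mac with `clang -framework Foundation -framework Security model.m -o model` and run `./model`. The design point to notice is where the expensive work sits: the file and its metadata are never re-encrypted on a passcode change, only one small wrapped class key is rewritten, and a wipe needs nothing more than destroying the system key.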
Keychain and Data Protection
The keychain is implemented as a SQLite database stored on the file system. There is only one database; the security daemon determines which keychain items each process or app can access.

The default is kSecAttrAccessibleAfterFirstUnlock. I recommend using kSecAttrAccessibleWhenUnlocked as the default and only changing it, if necessary, for individual keys that are needed in the background.

    NSMutableDictionary *attributes = [[NSMutableDictionary alloc] init];
    // ... kSecClass, kSecAttrService/kSecAttrAccount and kSecValueData go here ...
    // Readable only while the device is unlocked:
    [attributes setObject:(__bridge id)kSecAttrAccessibleWhenUnlocked
                   forKey:(__bridge id)kSecAttrAccessible];
    OSStatus status = SecItemAdd((__bridge CFDictionaryRef)attributes, NULL);
What if data protection is not used?
● Install the Gmail app.
● Read some emails.
● Lock the device (non-jailbroken).
● Browse the device (iFunBox, Xcode).
How to enable Data Protection in our apps?
Simple!
- Xcode: enable the Data Protection capability, which adds this to project.pbxproj:

    9C201A441827FB6F60CC6872 = {
        DevelopmentTeam = 9XFDAR3CTM;
        SystemCapabilities = {
            com.apple.DataProtection = {
                enabled = 1;
            };
        };
    };

- App ID: the capability must also be enabled on the App ID.
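The capability toggle above is the project-level switch; the per-file and per-item side of it is choosing a protection class in code, as described in the "Data Protection classes" and "Keychain and Data Protection" slides. The following is an added example (not code from the slides or from Apple) that writes a file with NSFileProtectionComplete and verifies the attribute, writes a background-download style file with CompleteUnlessOpen, and stores and reads a keychain item with kSecAttrAccessibleWhenUnlocked. The service and account names, the file name and the helper names (WriteProtectedFile, StoreSecret, LoadSecret) are made up for the example.

```objc
// Added example: applying a Data Protection class to a file and to a keychain
// item, then checking what was actually applied. Names are placeholders.
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Write data readable only while the device is unlocked (NSFileProtectionComplete).
// Returns the protection class read back from the file, or nil on failure.
static NSString *WriteProtectedFile(NSData *data, NSString *path, NSError **error) {
    if (![data writeToFile:path
                   options:NSDataWritingAtomic | NSDataWritingFileProtectionComplete
                     error:error]) {
        return nil;
    }
    // Verify rather than trust: the attribute must read back as NSFileProtectionComplete.
    NSDictionary *attrs = [[NSFileManager defaultManager] attributesOfItemAtPath:path error:error];
    return attrs[NSFileProtectionKey];
}

// For files created while the device is locked (e.g. a background download).
static BOOL WriteBackgroundFile(NSData *data, NSString *path, NSError **error) {
    return [data writeToFile:path
                     options:NSDataWritingAtomic | NSDataWritingFileProtectionCompleteUnlessOpen
                       error:error];
}

// Store a secret with kSecAttrAccessibleWhenUnlocked (the slides' recommended
// default) instead of the system default kSecAttrAccessibleAfterFirstUnlock.
static OSStatus StoreSecret(NSString *service, NSString *account, NSData *secret) {
    NSDictionary *query = @{
        (__bridge id)kSecClass:       (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: service,
        (__bridge id)kSecAttrAccount: account,
    };
    SecItemDelete((__bridge CFDictionaryRef)query);   // replace any previous item

    NSMutableDictionary *attributes = [query mutableCopy];
    attributes[(__bridge id)kSecValueData]      = secret;
    attributes[(__bridge id)kSecAttrAccessible] = (__bridge id)kSecAttrAccessibleWhenUnlocked;
    return SecItemAdd((__bridge CFDictionaryRef)attributes, NULL);
}

// Read it back. While the device is locked this returns nil and
// *status == errSecInteractionNotAllowed, which is the behaviour we want.
static NSData *LoadSecret(NSString *service, NSString *account, OSStatus *status) {
    NSDictionary *query = @{
        (__bridge id)kSecClass:       (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: service,
        (__bridge id)kSecAttrAccount: account,
        (__bridge id)kSecReturnData:  @YES,
        (__bridge id)kSecMatchLimit:  (__bridge id)kSecMatchLimitOne,
    };
    CFTypeRef result = NULL;
    *status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);
    return (*status == errSecSuccess) ? (__bridge_transfer NSData *)result : nil;
}

// Usage: call from the app, e.g. in application:didFinishLaunchingWithOptions:.
static void Demo(void) {
    NSString *dir  = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES).firstObject;
    NSString *path = [dir stringByAppendingPathComponent:@"notes.dat"];   // example file name
    NSError *error = nil;

    NSString *cls = WriteProtectedFile([@"private" dataUsingEncoding:NSUTF8StringEncoding], path, &error);
    NSLog(@"file protection class: %@ (error: %@)", cls, error);

    NSString *dl = [dir stringByAppendingPathComponent:@"download.part"];  // example file name
    NSLog(@"background file written: %d", WriteBackgroundFile([NSData data], dl, &error));

    OSStatus st = StoreSecret(@"com.example.app", @"api-token",
                              [@"t0k3n" dataUsingEncoding:NSUTF8StringEncoding]);
    NSLog(@"SecItemAdd: %d", (int)st);
    NSData *back = LoadSecret(@"com.example.app", @"api-token", &st);
    NSLog(@"SecItemCopyMatching: %d, %lu bytes", (int)st, (unsigned long)back.length);
}
```

Run the check on a real device: the simulator does not report NSFileProtectionKey for files, so WriteProtectedFile returning nil there says nothing about the device behaviour. Reading the keychain item back with the device locked is the quickest way to confirm that the accessibility attribute took effect.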
Sum up
● What is data protection
● How it works
● What is the keychain?
● What if data protection is not used?
● How to enable it in our apps
Q&A, Discussion
Further reading
● iOS Security, https://www.apple.com/privacy/docs/iOS_Security_Guide_Oct_2014.pdf
● iOS 4 Data Protection 101, https://media.blackhat.com/bh-us-11/Belenko/BH_US_11_Belenko_iOS_Forensics_WP.pdf
● Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It, http://www.amazon.co.jp/Hacking-Securing-iOS-Applications-Hijacking/dp/1449318746/ref=sr_1_1?ie=UTF8&qid=1420987300&sr=8-1&tag=tabisty-22&keywords=Hacking+and+Securing+iOS+Applications+Stealing+Data%2C+Hijacking+Software%2C+and+How+to+Prevent+It
● Diffie-Hellman key exchange, http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
● A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography, http://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/