Apple reveals unprecedented details in iOS security

An updated Apple whitepaper on iOS security delves into an unprecedented amount of detail about the security architecture and features of the company's mobile OS for devices such as the iPhone and iPad. Security professionals and IT consultants are praising both the company's transparency and its approach to protecting iOS devices, Internet security and users' data.

The 33-page "iOS Security" whitepaper is dated February 2014, and is available online. The previous edition was released in the fall of 2012, about the time Apple began taking a somewhat more open posture around iOS security. The new paper goes into detail about new security features introduced by Apple in the past two years, especially with iOS 7: the Touch ID fingerprint sensor; single sign-on integrating with enterprise applications and services; security for Airdrop peer-to-peer connections with other iOS devices via Wi-Fi and Bluetooth; iCloud Keychain for creating and managing strong passwords; and Secure Enclave, which is a coprocessor integrated with Apple's 64-bit A7 processor, introduced in the iPhone 5S.

Security and IT professionals are immersing themselves in the wealth of detail.

"I'm deep into it right now," says Benjamin Levy, principal of Solutions Consulting of Los Angeles, which specializes in Apple deployments for business customers. "For me the paper makes clear the philosophy and attention to detail involved in the security on the devices. It's not an afterthought. It's literally part of every single aspect of how it's built and how it runs, from the processors through the OS."

He points to the Touch ID fingerprint sensor, built into the iPhone 5S home button, as an example. "I particularly like the parts where it talked about the fingerprint sensor and how it functions," he says. "But more important was realizing that the underlying purpose of the fingerprint sensor was to enable and encourage the use of significantly longer and more complex passcodes."

A massive update

The whitepaper is a "massive update," writes security consultant and author Rich Mogull, in a blog post about the document, where he focused on how Apple handles iCloud password encryption. "It contains more information on iOS security than Apple has ever shared publicly before... I will likely be digesting it for months." His blog post is titled "How to Protect your iCloud Keychain from the NSA."

"In some ways, Apple is like Microsoft 10 years ago on security," says Corey Nachreiner, director of security strategy for WatchGuard Technologies, a vendor of advanced firewalls and other network security appliances. "Historically, they share as little information as possible.

"But when I read this document, their [security] practices are quite sound," he says. Examples are creating data classes, to which can be applied different degrees of protection; segmenting security functions; using different kinds of encryptions for different purposes, tying encryption into device-specific unique identifiers, and creating layers of encryption.

+ Also on Networkworld: iPhoneys Best iPhone 6 design concepts +

The details of Apple's security architecture, including its FIPS 140-2 certification, could be a watershed for iOS acceptance into government agencies and enterprises with especially demanding security requirements, according to Nachreiner.

"People considered Apple not ready for enterprise or government security," he says. "But Apple may be becoming the standard for mobile security. Apple devices may be more [capable of being] locked down than any other devices out there."

There's still plenty of room for improvement, as presentations at the latest RSA Security conference and recent vulnerability disclosures show. At the RSA confab, one company showed that an attacker could hide a "malicious profile" on an iOS device and potentially use the profile to change the device's mobile device management settings. Another just-exposed vulnerability, lets an app record all touch screen and button presses while running in the background on non-jailbroken devices, in effect, acting as a keylogger. In November, HP reported that its testing of over 2,000 business-oriented iOS apps found that 90% of them had one or more serious security vulnerabilities.

In light of these disclosures, the new security features and details should push IT groups to rethink mobile security, says Ojas Rege, vice president of products for MobileIron, a company that markets software for securing and managing mobile devices.

"The security mindset of most IT organizations has been driven by traditional Windows architecture, so their natural instinct is to apply the same approaches to iOS," he says. "But that doesn't work because the underlying iOS security architecture is very different than Windows." The new whitepaper, for the first time, gives "infosec" staff a starting point for understanding that architecture, according to Rege.

Apple Touch ID: technology and protections

The way Apple approaches security can be seen in the Touch ID fingerprint sensor, introduced in the iPhone 5S coupling innovative technology with comprehensive protections. A touch to the capacitive steel ring around the Home button triggers the imaging array to make an 88-by-88-pixel raster scan of the finger. That scan is sent to the Secure Enclave coprocessor which stores it in encrypted memory while it's being vector-ized for analysis, and then discards the scan. The analysis creates a "map of nodes" to reconstruct the user's actual fingerprint and match it with the previously registered fingerprints. But this map never leaves the iPhone, is never sent to Apple or backed up to iCloud or iTunes. It's stored locally, without any identity data, in an encrypted format that only the onboard Secure Enclave can read.

For an iOS device with an A7 processor, the Enclave also holds the cryptographic class keys for what Apple calls Data Protection, according to the whitepaper. If Touch ID is turned off, when the phone locks, the keys for the Data Protection class "Complete" are discarded, so "files and keychain items in that class are inaccessible until the user unlocks the device by entering their passcode." With Touch ID turned on, these keys are retained, but they are wrapped with an additional cryptographic key that's given to the Touch ID subsystem. When you press your finger to the Touch ID scanner, and your print is recognized, the Touch ID subsystem turns over the key to unwrap the Data Protection keys, and the phone unlocks.

"This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device," according to the whitepaper.

The Enclave coprocessor also provides all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised, according to Apple. "Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave's portion of the device's memory space," according to the whitepaper.

The Enclave itself is designed to protect both the data it uses and its own operations. It has its own secure boot process and personalized software update, separate from those for the A7 application processor. "Communication between the Secure Enclave and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers," according to the whitepaper. When the Enclave saves data to the file system, it encrypts the data with a key "tangled with" the UID and an anti-replay counter.

Apple's defense-in-depth security

This interlocking, defense-in-depth approach to protecting the Enclave's operations and data, and those of Touch ID, is a pattern Apple has applied comprehensively throughout the iOS security architecture.

"They're wrapping key pairs on top of key pairs," says Nachreiner. "They're relying not on just one private key, but they are entangling the device's unique ID...and then adding another specific key for, say, iMessage [information]. The more you can add a whole bunch of unique pieces of information, the harder it becomes to crack it."

Apple's segmentation of data means that even if one part of the security architecture is compromised, an attacker or a jailbreaker is unlikely to get access to all encrypted data. Mogull's blog post analyzing iCloud Keychain shows this clearly.

ICloud Keychain lets you create multiple passwords to websites from within the Safari browser. This keychain of passwords can be synced between different devices, and it's backed up to Apple's servers. But the backup raises a potential problem: in light of the revelations about government snooping, "trusting the keys to your digital life to a large company is a daunting prospect," Mogull writes.

Apple handles this by using "different, but related, security methods to protect both keychain syncing and keychain escrow and recovery backup," he says.

Without repeating Mogull's analysis, Apple's keychain sync process keeps your unique private key on your device, and iCloud never stores the keychain. This process is repeated for each separate device. "When passwords are added or changed, Apple syncs only the individual keychain items to other devices that need the update, one at a time," Mogull writes. "In other words, each keychain item is sent only to each device that needs it, the item is encrypted so only that device can read it, and only one item at a time passes through iCloud."

That presents formidable challenges to an attacker. "To read it, an attacker would need to compromise both the key of the receiving device and your iCloud password. Or re-architect the entire process without the user knowing," according to Mogull. Apple itself "could technically subvert the process...but not easily, not without changing the architecture (the notification and approval piece), and not without incurring serious legal liability now that the details have been published."

The iCloud Keychain Recovery process does back up the entire keychain in iCloud, via a secure escrow service. According to Mogull, your keychain is encrypted with a strong key, and then stored in iCloud. That strong key itself is then encrypted using the iCloud Security Code and the public key of a special, tamper-resistant, hardware encryption device called a hardware security module (HSM).

By design, then, the HSM can only take the first step in decrypting the keychain releasing the strong key that it has encrypted. According to Mogull, because the HSM doesn't store the iCloud Security Code used to encrypt that key, "it can't read the actual key used to protect the keychain."

Apple went further, he says. "Just to be safe, Apple destroyed the administrator access cards for the HSMs, and set them to delete all the keys if any unauthorized access is detected," he explains. "Then [if unauthorized access is detected], all users are sent a notification to re-enroll before they lose their keys, and re-enrolling moves them to a different HSM cluster."

"As I mentioned, part of my day job is advising large businesses and security vendors," Mogull writes. "I rarely see this level of security, and it's especially rare to destroy the administrative smart cards required to access the HSM."

And Apple went still further, he explains, with an option that lets the user, via Settings, "turn on iCloud Keychain," and follow a series of steps to use a different process to generate a cryptographically secure, unguessable iCloud Security Code to protect the keychain.

"Select this option and the original random key protecting your keychain is wrapped with a key generated using this random iCloud Security Code, is never sent to Apple, and can't be intercepted," Mogull explains. "Without this random iCloud Security Code (store it in a password management tool like 1Password or LastPass, and make a paper backup -- with good handwriting! -- and store it securely), there is no way to decrypt your keychain from iCloud, and it is protected even if you-know-who [meaning, the NSA] steals a copy."

The same care is taken with Apple's other Internet services, such as iMessage, Facetime, and Siri. "They're trying to secure any data that passes through the cloud, without exposing it to Apple in most cases," says WatchGuard's Nachreiner.

"I think the paper should be required reading for IT people who don't specialize in security," says IT consultant Benjamin Levy. "If nothing else, it shows how good security is done. In looking at it I immediately started lusting after similar advances for the Mac OS and Mac hardware. My guess is we're soon to see some really big changes."