Encryption key for iPhone 5s Touch ID exposed, opens door to further research

Posted in iPhone, edited August 2017
Just prior to a hacker's conference, a participant has revealed that the iPhone 5s Secure Enclave has been hacked, and the decryption key for it has been revealed. However, at present, there is nothing for iPhone users to immediately worry about.

First spotted by Redmond Pie on Wednesday, Twitter user "xerub" posted the information, and an extraction tool for the Secure Enclave firmware, in advance of the Singapore Hack in the Box conference.

The tool and hack are not for the inexperienced. The tool's outputs are binaries of the kernel and related software regulating the communications between the Touch ID sensor and the Secure Enclave -- but not any information transmitted, now or in the past, between the Touch ID sensor and the Secure Enclave.

key is fully grown https://t.co/MwN4kb9SQI use https://t.co/I9fLo5Iglh to decrypt and https://t.co/og6tiJHbCu to process

-- ~ (@xerub)

The exposure of how to extract the encryption key from an iPhone 5s does not mean that the device is no longer secure. However, it does mean that people angling to make exploits for the device are able to examine the Secure Enclave firmware on the device in more detail than previously possible.

At present, there is no known exploit utilizing the tool, or the gleaned data, and it is not clear how one would even be produced or installed on a target device. Any exploit developed with the tool would be specific to the iPhone 5s, and require physical access to the device to load custom firmware as well.

Apple's Secure Enclave is part of the A7 processor and later, and provides all cryptographic operations for data protection in iOS devices. The Secure Enclave has its own secure boot and is updated through a personalized software update process separate from the application processor's -- which is how any exploit would have to be installed, one device at a time.

The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining whether there is a match against registered fingerprints, and then enabling access. Each Touch ID pairing uses the shared encryption key and a random number to generate that session's full encryption key.
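To make that pairing scheme concrete, here is an added example (not Apple's code, and not from the article or xerub's tool): a shared pairing key and a fresh random number are run through a key derivation function to produce a session key, and sensor-to-enclave messages are authenticated under that key. HKDF-SHA256, the HMAC tag layout, the sequence counter and the sample key and nonce values are assumptions constructed for illustration; the article does not say which primitives the Secure Enclave actually uses.

```python
"""Per-session key derivation from a shared pairing key plus a random number.

Added illustration only. Apple's real construction is not published on the
page; HKDF-SHA256, the message format and all sample values are assumptions.
"""
import hashlib
import hmac
from typing import Dict, Optional

TAG_LEN = 32  # SHA-256 HMAC tag length in bytes


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract then expand) with SHA-256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()          # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:                                     # expand
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_session_key(shared_key: bytes, nonce: bytes) -> bytes:
    """Session key = KDF(shared pairing key, per-pairing random number).

    The random number is the salt, so the same shared key yields an
    unrelated session key every time a fresh number is drawn.
    """
    return hkdf_sha256(shared_key, salt=nonce, info=b"touchid-sep-session (assumed label)")


def protect(session_key: bytes, seq: int, payload: bytes) -> bytes:
    """Authenticate one message: 4-byte sequence number || payload || HMAC tag.

    Integrity/authenticity only; encryption is left out to keep the
    replay behaviour easy to follow.
    """
    header = seq.to_bytes(4, "big")
    tag = hmac.new(session_key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify(session_key: bytes, msg: bytes, expected_seq: int) -> Optional[bytes]:
    """Return the payload if the tag and sequence number are valid, else None."""
    if len(msg) < 4 + TAG_LEN:
        return None
    header, payload, tag = msg[:4], msg[4:-TAG_LEN], msg[-TAG_LEN:]
    good_tag = hmac.new(session_key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good_tag):   # constant-time comparison
        return None
    if int.from_bytes(header, "big") != expected_seq:
        return None                              # stale or out-of-order message
    return payload


def replay_demo() -> Dict[str, bool]:
    """Show why the random number matters: a captured 'match' response from
    one pairing is useless in the next one, and useless again in the same
    session once the sequence number has moved on."""
    shared_key = bytes(range(32))    # constructed stand-in for the pairing key
    nonce_a = b"\x11" * 16           # constructed stand-in for pairing A's random number
    nonce_b = b"\x22" * 16           # constructed stand-in for pairing B's random number

    key_a = derive_session_key(shared_key, nonce_a)
    key_b = derive_session_key(shared_key, nonce_b)

    match_msg = protect(key_a, 1, b"MATCH")      # constructed 'valid response'
    return {
        "keys_differ": key_a != key_b,
        "accepted_in_session_a": verify(key_a, match_msg, 1) == b"MATCH",
        "replayed_into_session_b": verify(key_b, match_msg, 1) is not None,
        "replayed_stale_seq": verify(key_a, match_msg, 2) is not None,
    }


if __name__ == "__main__":
    for name, outcome in replay_demo().items():
        print(f"{name}: {outcome}")
```

Run as a script, the demo reports that the two session keys differ, that the constructed "MATCH" response is accepted only in the pairing it was produced in, and that it is rejected both when replayed into a later pairing and when replayed within the same session after the sequence number has advanced. The defensive point is that recovering firmware images does not hand an attacker any session key: each one depends on a random number chosen at pairing time.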

Comments

  • Reply 1 of 23
    mtbnut Posts: 195 member
    As a stock analyst, I am telling all my clients to sell their APPL positions immediately. I also suspect that this will be the demise of Apple; this breach will more than likely cause the stock price to decrease at least 54% within the next 1 to 14 years.
    edited August 2017
  • Reply 2 of 23
    mtbnut said:
    As a stock analyst, I am telling all my clients to sell their APPL positions immediately. I also suspect that this will be the demise of Apple; this breach will more than likely cause the stock price to decrease at least 54% within the next 1 to 14 years.
    We got a worry-wart here.

    Also what company is APPL?  You're a stock analyst, really?
  • Reply 3 of 23
    gatorguy Posts: 21,112 member
    macseeker said:
    mtbnut said:
    As a stock analyst, I am telling all my clients to sell their APPL positions immediately. I also suspect that this will be the demise of Apple; this breach will more than likely cause the stock price to decrease at least 54% within the next 1 to 14 years.
    We got a worry-wart here.

    Also what company is APPL?  You're a stock analyst, really?
    I think it was a joke. 
  • Reply 4 of 23
    fallenjt Posts: 3,980 member
    sog35 said:
    Only took 3 years to crack it.  LOL
    And Apple already changed the security enclave a while ago. 
  • Reply 5 of 23
    chia Posts: 701 member
    gatorguy said:
    macseeker said:
    mtbnut said:
    As a stock analyst, I am telling all my clients to sell their APPL positions immediately. I also suspect that this will be the demise of Apple; this breach will more than likely cause the stock price to decrease at least 54% within the next 1 to 14 years.
    We got a worry-wart here.

    Also what company is APPL?  You're a stock analyst, really?
    I think it was a joke. 

    Made all the funnier by the irony of the "stock analyst" getting the elementary fact of the stock symbol wrong.
  • Reply 6 of 23
    Soli Posts: 9,272 member
    So, this could be used to add Touch ID components that weren't paired with the original logic board, and vice versa?
  • Reply 7 of 23
    Mike Wuerthele Posts: 4,880 administrator
    Soli said:
    So, this could be used to add Touch ID components that weren't paired with the original logic board, and vice versa?
    Not at present, only for the iPhone 5s, and maybe never. This is only one part of a very long puzzle allowing for Secure Enclave code to be examined in a static condition. 
  • Reply 8 of 23
    OMG, APPL is doom.
  • Reply 9 of 23
    I still like the idea of recycling an iPhone as a robot head unit.  It would be valuable to understand how to interact with the secure enclave and potentially have some confidence that your robot logic hasn't been compromised.
  • Reply 10 of 23
    jdb8167 Posts: 169 member
    I give it a week to 10 days before this is actively exploited. Huge bragging rights.

    Jim
  • Reply 11 of 23
    jd_in_sb Posts: 1,491 member
    The 5S is irrelevant now. They might as well have hacked a UniVac 1. 

    edited August 2017
  • Reply 12 of 23
    Soli Posts: 9,272 member
    jd_in_sb said:
    The 5S is irrelevant now. They might as well have hacked a UniVac 1. 

    I just replaced a cracked display on a friend's 5S. The great thing about Apple devices, as I'm sure you know, is their longevity. It'll even be supported by iOS 11.
  • Reply 13 of 23
    sirlance99 Posts: 1,155 member
    jd_in_sb said:
    The 5S is irrelevant now. They might as well have hacked a UniVac 1. 

    How wrong you are. There are people that still cling to the 4S. The 5S is still very much around.
  • Reply 14 of 23
    Soli Posts: 9,272 member
    How wrong you are. There are people that still cling to the 4S. The 5S is still very much around.
    I'd take his comment with a grain of salt. Seems more like a nice way to post an amazing pic.
  • Reply 15 of 23
    There is no cost-effective way to read the fingerprint (biometric) data out of, say, a stolen device, but it sounds like they are getting closer to being able to write new code into the firmware that could eavesdrop on the "conversations" between the TouchID sensor and the Secure Enclave (ASIC) and can then save a copy of any fingerprint impulse from the Touch ID that is observed to cause a valid response from the ASIC. Possibly they could also add their own fingerprint impulse (or remove an existing fingerprint impulse) someday. From there, they could theoretically replay those known good impulses whenever an external signal tells them to unlock the device. But how to get that new code written into the firmware of a customer's device and how to compensate for the random number generator salt (that's probably there specifically to prevent such "replay" attacks).
    edited August 2017
  • Reply 16 of 23
    Soli said:
    So, this could be used to add Touch ID components that weren't paired with the original logic board, and vice versa?
    Not at present, only for the iPhone 5s, and maybe never. This is only one part of a very long puzzle allowing for Secure Enclave code to be examined in a static condition. 
    Once you remove Touch ID from the logic board and add a new one, you will need to use the passcode to get back into the device. If you try to remove the Touch ID while it is still on, you can fry the MLB. If you were able to circumvent the Touch ID and knew the passcode, then you could get into the device. For criminals thinking they can hack it and get access to Apple Pay, they will be in for a surprise since it will remove the cards from Apple Pay and it will remove your fingerprints as well.
  • Reply 17 of 23
    jdb8167 said:
    I give it a week to 10 days before this is actively exploited. Huge bragging rights.

    Jim
    I wouldn't make that bet. Someone would have to have physical access to the devices to exploit the vulnerability.  Unless they are able to find another exploit like they have in the past to create a remote silent jailbreak that you don't even notice. That's a long shot and it would only be used on high level targets in order not to be noticed again. 
  • Reply 18 of 23
    foggyhill Posts: 4,767 member
    There is no cost-effective way to read the fingerprint (biometric) data out of, say, a stolen device, but it sounds like they are getting closer to being able to write new code into the firmware that could eavesdrop on the "conversations" between the TouchID sensor and the Secure Enclave (ASIC) and can then save a copy of any fingerprint impulse from the Touch ID that is observed to cause a valid response from the ASIC. Possibly they could also add their own fingerprint impulse (or remove an existing fingerprint impulse) someday. From there, they could theoretically replay those known good impulses whenever an external signal tells them to unlock the device. But how to get that new code written into the firmware of a customer's device and how to compensate for the random number generator salt (that's probably there specifically to prevent such "replay" attacks).
    They would have to have physical access and disassemble your phone to do all that and put some custom hardware inside (and cost a shitload of money).

    I'm pretty sure only real spies going after very highly sought target would bother.

    Those people don't part way with their phones often so not even sure how anyone could ever get access long enough.

    They'd probably need to stage a way to break their phone enough that he wants to get it repaired, and then they have the guy repairing on their side.

    If they can do all that they may as well bug the living crap out of everything that person has and put many people on it. Sure some people have all that like that very busy Russian Ambassador.

  • Reply 19 of 23
    sog35 said:
    Only took 3 years to crack it.  LOL
    Funny, right? Did you change yours? No? How come? You waited three years to get fingered and now you laugh. Hmmm... Nice attitude to a serious security problem. When you get a job in big finance with iPhones for business like mine then let me know how much you can laugh.
  • Reply 20 of 23
    I'm missing something. Reading through the TechRepublic article and the GitHub repositories, I see that this was done with the iPhone 5s with iOS 9 on it. Are other models with the SEP affected? And what about iOS 9.3.5 and above?