Free Republic

FBI paid professional hackers one-time fee to crack San Bernardino iPhone (video at link)
Washington Post ^ | April 12th, 2016 | By Ellen Nakashima

Posted on 04/13/2016 10:54:01 AM PDT by Swordmaker

To: cyphunk
Now [iOS4], the entire filesystem can be rendered unreadable by simply wiping a single encryption key (referred to here as the File System Key)

I don't think Apple wants to be clearer on exactly where the encryption key is stored. In other security papers Apple vaguely states it is stored either in the Encryption Engine or in the later Secure Enclave in an EEPROM that is unreadable from outside the area of the A6 processor by either the data processor or RAM of the device, or in A7 processor or later devices, by the processors or RAM of those devices, or by either with any software or external hardware IC readers.

In iOS 4 I believe Apple did store the original encryption key on the data NAND, but that was before Apple did any hardening of things at all. . . but it was a step in the right direction.

61 posted on 04/18/2016 4:04:01 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)

To: Swordmaker
I agree. The location that the file system key is stored is critical to enforcing wipe and preventing a phantom wipe. The thing is that current documentation states that it is stored in the Effaceable Storage.

(page 11 of current iOS Security doc) The file system key is stored in Effaceable Storage.

When describing secure erase of Effaceable Storage they explain it *could be* on NAND.

(page 10) Securely erasing saved keys is just as important as generating them. It’s especially challenging to do so on flash storage, where wear-leveling might mean multiple copies of data need to be erased. To address this issue, iOS devices include a feature dedicated to secure data erasure called Effaceable Storage. This feature accesses the underlying storage technology (for example, NAND) to directly address and erase a small number of blocks at a very low level.

If later devices store Effaceable Storage on internal EEPROM or other internal memory Apple aren't saying, as you mentioned. I'm curious why they wouldn't want to inform people of such a security feature. If there isn't a clearly justifiable reason I think it's fair to keep open the possibility that the key and storage are in fact still external to the processor.

Useful other documents (up to iOS4 and perhaps slightly beyond):

Slide 36 of HITB 2011 lecture covers up to iOS4 and describes the AppleEffaceableNAND, AppleEffaceableNOR services. Their lecture on iOS forensics from 2012 includes an update for iOS5 that doesn't mention any change to storage location. Though, I don't understand French so I might have missed something from that lecture.

Dino's wiki also deals with the location and indicates it is on NAND. But this, I think, is also only clearly applicable up to iOS 4.

62 posted on 04/22/2016 4:36:12 AM PDT by cyphunk
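The wear-leveling problem in the page 10 passage quoted above, and the single-key wipe from earlier in the thread, shown as an added example that is not part of any post or of Apple's documentation. The `Flash` model, its page counts, and the SHA-256 keystream standing in for AES are constructed assumptions, not a description of any real device.

```python
import hashlib
import os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy cipher (SHA-256 counter keystream) standing in for AES; XOR is its own inverse."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

class Flash:
    """Constructed model: raw pages, a wear-leveling map, and a reserved low-level area."""
    def __init__(self, pages: int = 16, reserved: int = 2):
        self.raw = [b""] * pages           # what reading the chip directly returns
        self.reserved = range(reserved)    # fixed pages addressed without the map
        self.map, self.next_free = {}, reserved

    def write(self, lba: int, data: bytes) -> None:
        """Wear-leveled write: lands on a fresh page; the old page is unmapped, not erased."""
        self.raw[self.next_free] = data
        self.map[lba] = self.next_free
        self.next_free += 1

    def efface(self) -> None:
        for p in self.reserved:            # low-level erase of every reserved page
            self.raw[p] = b""

    def efface_write(self, data: bytes) -> None:
        self.efface()                      # no stale copy survives a key change
        self.raw[self.reserved[0]] = data

    def copies_of(self, secret: bytes) -> int:
        return sum(page == secret for page in self.raw)

def demo() -> dict:
    plaintext, key = b"user data partition contents", os.urandom(32)
    ciphertext = keystream_xor(key, plaintext)
    a = Flash()                            # key in an ordinary wear-leveled block
    a.write(0, key)
    a.write(0, b"\x00" * 32)               # "wipe" by overwriting the logical block
    b = Flash()                            # key in the reserved area
    b.efface_write(key)
    b.efface()                             # wipe through the low-level path
    stale = [p for p in a.raw if p == key]
    return {"wear_leveled_copies": a.copies_of(key),
            "effaceable_copies": b.copies_of(key),
            "stale_copy_decrypts": bool(stale)
            and keystream_xor(stale[0], ciphertext) == plaintext}
```

In the model, the logical overwrite leaves one readable copy of the key in the raw pages, while the directly addressed erase leaves none, so the ciphertext has nothing left to be decrypted with.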

To: cyphunk
I agree. The location that the file system key is stored is critical to enforcing wipe and preventing a phantom wipe. The thing is that current documentation states that it is stored in the Effaceable Storage.

No, cyphunk, it doesn't state that it is stored in "the Effaceable Storage" but just in "Effaceable Storage." What is clear is that anything on the Effaceable Storage on the NAND chip has to be completely accessible to the main processor of the device, and to everything else. It is merely a standard NAND Flash storage device not designed by Apple located on the system memory bus. There is nothing protecting any location on that IC from being accessed by a hardware lockout under the control of anything outside of that flash memory.

The Effaceable Storage to which they are referring is not located on the flash storage IC.

When describing secure erase of Effaceable Storage they explain it *could be* on NAND.

I think you are misreading what Apple is saying on page 10 of their iOS Security Document. They are not implying that it could be on the NAND, but why they do not put it there. A dedicated feature called "Effaceable Storage" does not suffer from the problems they describe flash-storage has which required multiple copies which would need to be erased such as "wear-leveling." There are other inherent problems in keeping a security key on the device that would be the storage device of the encrypted data, such as making multiple copies of the encrypted flash memory, farming out the copies to thousands of decryption computers to destructively search the NAND for the key, to cut down the time.

Logically, the Effaceable Storage has to be behind a dedicated firewall associated only with the sub-processor assigned the specific security tasks. That is the only way to assure security from outside interference from even internal data-processor driven attacks.

I think the only reason that it logically "could be" said to be on the Flash Storage is if one is including all the older iPhones where there was no other option in the class of devices in the discussion, not just the modern ones that actually applied encryption seriously.

Slide 36 of HITB 2011 lecture covers up to iOS4 and describes the AppleEffaceableNAND, AppleEffaceableNOR services. Their lecture on iOS forensics from 2012 includes an update for iOS5 that doesn't mention any change to storage location. Though, I don't understand French so I might have missed something from that lecture.

Dino's wiki also deals with the location and indicates it is on NAND. But this, I think, is also only clearly applicable up to iOS 4.

Up until the iPhone 4, Apple was using what was essentially an off-the-shelf Cortex-A8 ARM processor not designed by Apple. With the introduction of the iPhone 4, and much more with the iPhone 4S, Apple was using its own processor design with the A4 which included the first Encryption Engine with the Effaceable Storage area. The iPhone 4 was released with iOS 4 that supported the Encryption Engine. Any encryption on an iPhone prior to the iPhone 4 and iOS 4 would of necessity have to store the encryption key on the device's Flash Drive for lack of any other option.

All the changes we are talking about occurred in iOS 6 and after, especially iOS 8 with even more improvements in iOS 9 and the hardware associated with the release of the A7, and later processors with their separate Secure Enclave sub-processor ICs. The Apple A4, A5, and A6 processors all had the Encryption Engine sub-processor built into the processor IC, but Apple moved that sub-processor out of the processor IC on to its own IC with the A7 System on a Chip when they moved to a four IC integrated intra-registered security system in which all four ICs are required to be registered with each other, or the system will not recognize the fingerprint ID, or accept the next update, or restore. Or with certain replacements, tampering, modifications, or even disconnections, not even boot.

84% of iOS users are running iOS 9.3.1, the latest and most secure. Even if their iPhones or iPads do not have the Secure Enclave. . . but I would assume that the older model iPhones such as the 5C are the ones most likely to be running an older version of iOS. . . but they would not be running anything like iOS 5 or lower. Those versions would not even load on that level iPhone.

63 posted on 04/22/2016 11:58:09 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)

To: cyphunk
Oh, as to why they would want to inform people about this, they need to let those to whom strong unbreakable encryption is extremely important know: Enterprise level businesses, government agencies, and the military.

I think you and I are now on the same page on this.

64 posted on 04/22/2016 12:01:02 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)