Prof. James E. Rosenbaum, Pam Schuetz, Ph.D. and Amy Foran Northwestern University
A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
-
Upload
ec-council -
Category
Technology
-
view
101 -
download
0
Transcript of A (not-so-quick) Primer on iOS Encryption David Schuetz - NCC Group
Introduction
• DavidSchuetz• SeniorConsultant,NCCGroup• FocusonwebandiOSapplicationtesting• Cryptopuzzles(ShmooCon,VZDBIR,etc.)
• Volunteerconferencesupporttocommunity
NCCGroup
• BasedinManchester,UK
• ConsultingbusinessmostlyNorthAmerica
• Webandmobileapptesting,pentesting
• RMG,dedicatedCryptographypractice
• Alwayshiring• Stronginternprogram
• NYC,Chicago,Seattle,SanFrancisco,Austin• Evenremote!
AncientHistory• CNET,May2013,claims“Applecanbypassthesecuritysoftware”:
• Bigbacklog(7weeks,onecasetook4months)
AncientHistory
• October2014:“Apple’scommitmenttoyourprivacy”
• ChangesiniOS8
• “Applecannotbypassyourpasscode”• “…nottechnicallyfeasible…torespondtogovernmentwarrants”
• Raisedlotsofquestions:
• Whatdoesthatmean?Whatdidtheydobefore?
• Whataboutotherattacks?Forensics?
• Suddenlygotalotmoreimportant
WhatdoesitMEAN?!?
• Backlogimplies:
• Can’tjustpluginanduseamagickey
• Couldbruteforcepasscodes,conceivably
• “ApplecanaffordaLOTofGPUcrackers…”• Itdoesn’tworkthatway
SohowdoesiOSencryptionwork?
• It’scomplicated,butalsofairlycomprehensive
• Someearlydetailsfiguredoutbyresearchers
• ExaminingandunderstandingpublishedAPIs
• Reverseengineering,breaking• Applepublishesan“iOSSecurity”paper• BeginninginMay2012
• Updatedannuallyorbetter• Coversencryption,ApplePay,lotsofotherthings
• ThistalkfocusesonEncryption
HowiOSencryptionworksEffaceable
Storage
UIDKey 0x89B
Key 0x835
Stored in Hardware
Dkey
EMF
BAG1
Data Partition
Data FileFile KeyFile Data
Keybag
Class 11 Key
Class 1 KeyClass 2 KeyClass 3 Key
Passcode
Class 4 Key
Entered by User
Keychain File
Keychain Item
Data FileFile KeyFile Data
Passcode Key
Fulldiskencryption
• iPhone3GS/iOS3• DedicatedAESprocessor• LocatedinDMAchannelbetweenCPUandDisk
• Generatearandomkey(EMFkey)
• EncryptEMFkeyusingahardware-derivedkey(0x89b)
• StoreencryptedEMFkeyinspecialdiskarea
• Usethistoencryptfilesystemmetadata
Advantages
• Advantages• Fastwipe• Can’taccess/modifydatadirectly(withoutOS)
• Can’ttransferchipstoanotherdevice• Limitations
• Filesystemaccessgrantsaccesstoeverything
• Noadditionalprotectionswhenlocked
File-levelencryption
• DataProtectionAPIintroducediniOS4• Randomencryptionkeycreatedforeachfile
• Filekeyisencryptedusingaclasskey• Encryptedfilekeystoredwithfilemetadata
Multipleclasses
• Defaultclass:• iOS4-6is“noprotection”• iOS7-9:CompleteuntilFirstAuthentication
• MostsystemappsthroughiOS7stillusedNone
Protection Class Description
None No additional encryption
Complete Unless Open Asymmetric, for locking while writing
Complete Until First User Authentication
Encrypted after reboot, until first time unlocked
Complete Encrypted whenever device is locked
Classkeysinthekeybag
Data Partition
Data FileFile KeyFile Data
Keybag
Class 11 Key
Class 1 KeyClass 2 KeyClass 3 KeyClass 4 Key
Keychain File
Keychain Item
Data FileFile KeyFile Data
DataProtection:None
• Class4orDisFileProtection“None”class• RandomDkeygenerated
• Encryptedwithkey0x835,derivedfromUID
• Encryptedkeystoredineffaceablestorage
DefaultprotectionkeyEffaceable
Storage
UIDKey 0x89B
Key 0x835
Stored in Hardware
Dkey
EMF
BAG1
Data Partition
Data FileFile KeyFile Data
Keybag
Class 11 Key
Class 1 KeyClass 2 KeyClass 3 KeyClass 4 Key
Keychain File
Keychain Item
Data FileFile KeyFile Data
Classkeyprotection
• Eachclasskeyisalsowrappedorencrypted• Usingtheuser’spasscodekey
• Entirekeybagisencrypted• Usingabagkey(storedineffaceablestorage)
• Whenpasscodeischanged,oldbagkeysdeleted
PasscodeandkeybagEffaceable
Storage
UIDKey 0x89B
Key 0x835
Stored in Hardware
Dkey
EMF
BAG1
Data Partition
Data FileFile KeyFile Data
Keybag
Class 11 Key
Class 1 KeyClass 2 KeyClass 3 Key
Passcode
Class 4 Key
Entered by User
Keychain File
Keychain Item
Data FileFile KeyFile Data
Passcode Key
PasscodeKDF
• PBKDF2,usingPasscode,Salt,UID,variableiterations
• Workfactordependsondevice
• Constanttime—approx.80mS/attempt
• A7onwardadda5seconddelay• DependsonUID,whichcan’tbeextractedfromphone
• Notpossibletobringtoyourcrackingcluster
Bruteforcingpasscode• Mustbeperformedonthedevice
• Signedexternalimage
• Usingabootromvulnerability
• 80mSperattempt
• Nowupto5sec,somultiplytableby~62
• Attemptescalation,auto-wipearepartofUI
• Whenbootedfromexternalimage,nolimitsComplexity Time
4-digit numeric 15 min6-digit numeric 22 hours
6-char lowercase 286 days6-char mixed case 50 years
Locking…
• FileProtectionCompletekeyremovedfromRAM
• AllCompleteprotectionfilesnowunreadable
• Otherkeysremainpresent
• AllowsconnectiontoWi-Fi
• Letsyouseecontactinformationwhenphonerings
• [Ioncefoundanedgecasewherethisdoesn’thappen…]
Changingpasscode…
• Thesystemkeybagisduplicated
• Classkeyswrappedusingnewpasscodekey(encryptedwith0x835key,wrappedwithpasscode)
• NewBAGkeycreatedandstoredineffaceablestorage
• OldBAGkeythrownaway• NewkeybagencryptedwithBAGkey
Rebooting…
• FileProtectionCompletekeylostfromRAM
• CompleteuntilFirstAuthenticationkeyalsolost
• Only“FileProtection:None”filesarereadable• AndthenonlybytheOSonthedevice• BecauseFDE
Wipingdevice…
• Effaceablestorageiswiped,destroying:• DKey:All“Fileprotection:none”filesareunreadable
• Bagkey:Allotherclasskeysareunreadable• EMFkey:Can’tdecryptthefilesystemanyway
Playitagain!
• FileisencryptedwithaFileKey• FileKeyencryptedwithClassKey• ClassKeyencryptedwithPasscodeKey• Passcodekeyderivedfrom:
• UID,0x835,Passcode
• KeybagencryptedwithBagKey• EntirediskencryptedwithEMFKey
• EMFkeyencryptedusing0x89b
• 0x89band0x835derivedfromUID
Data Partition
Keybag
Data File
File KeyFile Data
Class Key
BAG1
UID
Passcode
KDF
Passcode Key
Key 0x89B
EMF
Key 0x835
DKey
Disk
EffaceableStorage
System ona Chip(SoC)
BreakingThroughtheCrypto
• Severalwaystogetaroundtheseprotections• Jailbreakingdevices
• Simplebugsinthesoftware
• Forensictoolsusingobscureorbrokenfeatures
• Specialboot-levelcapabilities
• Collectfromotherlocations(“Tothecloud!”)
Jailbreaking
• Exploitsbugsintheoperatingsystem
• Bypassescodesigning,sandboxes,etc.• Needstomodifyfilesystemtomaintainpersistence
• Jailbreakprocesscannotbypasscryptoonalockeddevice
• Butmayweakenit
• Generallyneedtounlock,install,rebootdevice:
• Jailbreakershavemuchlargerattacksurface
• Anyapporsystemprocessonunlockeddevice
Bugs
• Lockscreenbypasses• Reallyjustmovingfromoneapptoanother
• Cryptoprotectionsarestillinplace
• Limiteddataaccessibility
• Usuallyfixedquickly
• Maliciousapps
• Fromappstore
• Side-loadedwithenterprisecerts
• OS-levelproblems
ForensicCapabilities
• Nomagicchannelsjustforforensicstools
• Frequentlyusingsamebugsfoundbycommunity
• Methodsandcapabilitiesoftencloselyheld
• Difficulttofullyascertain
• Lockeddevice
• Facesameobstaclesaseveryoneelse
• Unlockeddevice
• Hiddenorlittle-understoodfeatures
• Specialdatabases,logs,etc.
• Treasuretroveofinfo
BootANewOS
• Multi-stepbootprocess
• LLB(low-levelboot)
• iBoot
• OSboot
• Signaturechecksateachstage
• OSimageencryptedforeachdeviceclass
• Keyderivedfrom“GID”codeinSoC
• Bugsonearlydevicesallowedbypassingsignature
• FixediniPhone4S,iPad2
TheCloud• Server-sidedatastorageverycommon
• Generous“basic”app-datastorageforfreefromApple
• User-paidiClouddata
• Third-partycloudstorage
• Appvendorservers
• Can’tgetdataonphone?Gotothenet
• ExamplesofiOSdatastoredoniCloud:
• Backups
• Notes,calendarentries,contacts
• App-specificdata
• iClouddrive-iWorkdata,etc.
MDMorDesktopSync
• SynctoiTunesgetslotsofdata• Butnokeychain,unlessthebackupisencrypted
• USBaccessontrusteddesktop• Usedtoallowaccesstomostalldata
• Nowonlyworksonbetaversionsofsoftware
• Couldcomebackwithoutwarning(bydesignornot)
• MobileDeviceManagement
• Ifenrolledandconfigured,canremotelyunlock• NeedsWi-Fiaccess
• Ifrebootedandnocellulardata—noMDM.
NewPublicFocus
• EncryptionfeaturesfairlystablesinceiOS4• Whyisthisabigdealnow?
• Softwarechanges• Newhardwarefeatures• Strongerpublicstanceonprivacy• Somewhatdrivenbypost-Snowdenconcerns
NewDataProtectionDefaults
• iOS7defaults:• 3rdpartyapps:CompleteUntilFirstUnlock
• Systemapps:None(exceptMail)
• NowSystemAppsdefaulttoUntilFirstUnlock
• Mostdataunreadableafterareboot
• AlsolimitedsandboxaccessoverUSB
• Cannolongeraccessallofapp’sfiles• Evenwhenunlocked• Evenwithtrustedcomputer
Seeforyourself
• iOS7phone:• Reboot,Callfromlandline
• Seefullcontactinformation(name,picture,etc.)
• iOS8or9:• Reboot,callfromlandline,justseephonenumber
• Unlock,lockagain,callagain• Nowyouseeeverything
SecureEnclave
• IntroducedwithiPhone5SandiOS7in2013• Specialsub-processorandstorage
• SeparatehardenedOS• Speciallyencryptedareaondisk
• Handlesmanyofthepasscodefeatures
• Notsurewhetherfailurecountsstoredthere
• Hardcoded5seconddelay
• Additionalfeaturesaddedovertime• Encryptionandpublickeys
• Notverywellunderstoodatthispoint
PublicCommitmenttoPrivacy
• Drawsalineinthesand• “Wesellproducts,notyourinformation”
• Wantscustomerstobeincontroloftheirdata
• Technicaladviceforstrongsecuritychoices• Promiseoftransparencyregardinggovernmentaccess
TheRoadtoSanBernardino
• Gradualsecurityimprovementsoveryears
• Snowdenrevelations• Publiccommitmenttoprivacyandsecurity
• Beginningsofpushbackfromlawenforcement
• SanBernardinoattack• FBIrequestscourttoorderassistancefromApple
• Strangersaskingmeaboutthecase
WhatFBIaskedfor
• Awaytobypasspasscodeguessinglimits
• “Customversionofoperatingsystem”
• “Tailoredtojustthisphone”
• Possible?Maybe.Probably.
• Agoodidea?• Applespentnearly100pagesexplainingwhynot
• FBIeventually….hiredhackers?….
How’dtheyfinallygetin?
• Manypossibilitieshavebeensuggested
• Mostlyjustspeculation
• Someideasmorelikelythanothers
• Someideasare…outthere.
ProbableAttackSurfaces
• Cryptography• Extensivelyused• Securityhighlydependentuponthisbeing“safe”
• Hardwareattacks• Ifyoucanholdit,youcanownit• Howmuchdoyouwanttospend?
• Softwarebugs• Theyhappentoeveryone• Alot
CryptographicAttacks• Tobootahackedimage:
• BreakintoAppleandstealtheirsecretkeys• OtherAppleservicesusetamper-resistantHSM
• Breaksignatureprocess• RSAsignatures
• SHA1hashes
• BootROMbug
• MajorcryptographicbreakinAES
• AllowderivationofUIDandofflinecracking• Allowdirectdecryptionofdatafiles
HardwareAttacks• De-captheSoC• FindtheUIDandextractit
• CopyencrypteddatafromNAND
• Brute-forcepasscodeonaGPUcluster
• Riskyandexpensive.Norecoverypath.
• Memorychipattacks
• Preventupdatingpasscodefailurecount
• Rollflashbacktopreviouscopywherecount=0
• Racecondition
• DetectfailurebeforeOScanupdatecount
SoftwareAttacks• Racecondition• Enterpasscode,dosomethingelseREALLYFAST
• Lockscreenbypass• Wouldn’tgetmuchdata
• Couldshowspringboard• Mightshowthatphonehadverylittledataanyway
• Otherattacks• Codeinjection• DFUoriTunesRestoreattacks• Wiredorwirelessattacksurfaces
LikelySuspects?
• NewBootROMbug
• Boothackedimagecontainingpasscodecracker
• Lockscreenbypass• Limiteddataextraction,butprovideswindow
• Otherbugsinlockscreen• Allowingforinterruptionoftimeoutorfailurecounting
• Attacharobot• Hardware-levelattacksonmemory
• Interruptingdatawritesorrestoringearliercopy
Howmuchcouldtheyget?
• Everything,rightaway?• Needsamajorcryptobug
• Everything,eventually?
• Passcodefailurecountbypasses
• Hardwareorsoftwareattacks
• Simpleintelandgeneralphoneusage?
• Lockscreenbypass
Questionsfrom2014….
• CanApplebruteforcepasscodes?• Wouldthey?
• Couldtheybeorderedto?• Hasthishappenedalready?
MoreHardwareQuestions
• CantheSecureEnclavesoftwarebeupdated?• Toalterthepasscodefailureprotections?• Doesitrequiredevicebeunlocked?
• AreanyoftheSEfunctionsinROM?
• Whereisthefailurecountlocated?
• OnSoCorflash?• WillSEcodeenforce10-trylimit?
GeneralBestPractices
• GoodadviceonApple’sPrivacyandSecuritypages• SelectnewerdeviceswithSecureEnclave• Selectalongpasscode
• Alphanumericisbest
• Evenwith5-seconddelayinSecureEnclave
• UseTouchIDfor“typical”dailyuse• Butdon’tforgetthepasscode!
• Ifyou’rearrested,turnoffphone• Orquicklytrytounlockwithwrongfinger
• Afterafewtries,fingerprintsdisabled
Conclusion• iOSsecurityhighlydependentuponencryption
• Complexandcomprehensive
• Nopublicly-knownmajordesignflaws
• Bypassingencryptiondependsonbreakingpasscode• Hardwareattacks(potentiallyexpensive)• Softwarebugs(usuallyfixedquickly)• Stillaslowprocess
• Orbreakingcryptoingeneral• WhichbreaksEVERYTHING
• Userscanfightbackwithstrongpasscode
References
• Apple“iOSSecurity”paper• “iPhonedataprotectionindepth”(Sogeti,HITBAmsterdam2011)
• “EvolutionofiOSDataProtectionandiPhoneForensics:fromiPhoneOStoiOS5”,(Elcomsoft,BlackHatAbuDhabi2011)