A hacker going by the Twitter handle @xerub claims to have broken part of the security around Apple’s Secure Enclave. The hacker has published a decryption key for the Secure Enclave’s firmware, which weakens (but doesn’t totally compromise) a core part of Apple’s security model for iOS devices: the code running inside the enclave can now be read and studied, though no user’s keys or data are exposed by that alone.
The Secure Enclave [PDF Link] is a small coprocessor embedded in Apple devices that support Touch ID. That covers the last few iPhone and iPad generations as well as the most recent MacBook Pros. It runs its own firmware, boots separately from the main processor, and holds a unique per-device key that is fused into the chip at manufacture and never leaves it. The rest of the device cannot read that key; it can only hand the enclave a piece of data to process (a fingerprint image from the Touch ID sensor, or a key to be unwrapped) and get back a result, such as a “Yes” or “No” on whether the request is valid.
The Secure Enclave’s isolation is core to its security. There is only one route for the rest of the device to communicate with it, a narrow message interface, and the enclave’s own memory is encrypted.
@xerub claims to have released the full decryption key for the Secure Enclave firmware. Apple ships that firmware encrypted, so until now outsiders could not read the code that runs inside the enclave. With the key, anyone can decrypt the firmware image and reverse-engineer it. That is not the same as reading the per-device key inside the enclave: the firmware key unlocks Apple’s code, not a device’s secrets.
What’s the real risk?
Make no mistake, this is a big deal. But it doesn’t signal the death of Apple Pay, TouchID or other services that rely on the Secure Enclave.
Having the firmware key does not, by itself, get anyone into a device. The key decrypts the firmware image Apple distributes, which is the same for every device running that build; it is not the per-device key fused into each Secure Enclave, so nothing about an individual device’s data is exposed. Turning the decrypted firmware into an attack would mean finding and exploiting a vulnerability in it, and in all likelihood that attack would still need physical access to the target. Decrypting the firmware doesn’t give bad guys free rein over every iOS and macOS device with a Secure Enclave.
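To make concrete what a published firmware key does and does not yield, here is an added example (not from the original article and not @xerub’s tooling): the first check a researcher runs on a firmware blob after trying a key. Encrypted images look like random bytes, close to 8 bits of entropy per byte, and contain no readable strings; a correctly decrypted image drops well below that and starts giving up version strings and code. The two sample blobs are constructed inline and are not real Secure Enclave firmware; no real key is involved, and the 7.5-bit threshold is an assumption chosen for this illustration.

```python
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0..8). AES output sits just under 8.0;
    real code, tables and strings sit well below it."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, threshold: float = 7.5) -> bool:
    """Heuristic: a blob this close to uniform is almost certainly still
    under its firmware key (or compressed). Threshold is an assumption."""
    return shannon_entropy(data) >= threshold


def printable_strings(data: bytes, min_len: int = 6) -> list[str]:
    """Minimal 'strings': runs of printable ASCII at least min_len long.
    A decrypted firmware image yields version and copyright text; an
    encrypted one yields only short accidental runs."""
    found, run = [], bytearray()
    for b in data:
        if 0x20 <= b < 0x7F:
            run.append(b)
            continue
        if len(run) >= min_len:
            found.append(run.decode("ascii"))
        run = bytearray()
    if len(run) >= min_len:
        found.append(run.decode("ascii"))
    return found


# Constructed sample data, NOT real firmware:
# CIPHERTEXT stands in for an image still under its firmware key
# (seeded pseudo-random bytes mimic AES output's flat byte histogram).
_rng = random.Random(2017)
CIPHERTEXT = bytes(_rng.getrandbits(8) for _ in range(4096))

# PLAINTEXT stands in for a decrypted image: a few text strings, zero
# padding and a structured byte table, the kind of mix real code has.
PLAINTEXT = (
    b"example-sep-firmware 1.0\x00"
    + b"\x00" * 512
    + b"Copyright example, constructed sample\x00"
    + bytes(range(256)) * 4
    + b"\x00" * 1024
)


def triage(blob: bytes) -> dict:
    """What a researcher wants to know right after applying a key."""
    return {
        "entropy_bits_per_byte": round(shannon_entropy(blob), 3),
        "still_encrypted": looks_encrypted(blob),
        "strings": printable_strings(blob),
    }


if __name__ == "__main__":
    for name, blob in (("CIPHERTEXT", CIPHERTEXT), ("PLAINTEXT", PLAINTEXT)):
        report = triage(blob)
        print(f"{name}: entropy={report['entropy_bits_per_byte']} "
              f"encrypted={report['still_encrypted']} "
              f"strings={report['strings'][:3]}")
```

The point of the check is the contrast: before a valid key is applied you learn nothing from the blob; after it, the strings and structure become visible and reverse engineering can begin. Nothing in that process touches the per-device key inside an enclave.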
In reality this is a small but significant step for hackers trying to understand how the Secure Enclave works.
If someone can find a weakness in that firmware, and combine it with another attack (like this TouchID hack), then it may be possible for a highly motivated hacker to break into a device. Apple can change the key for future firmware builds, but that does not re-encrypt images already released, so the firmware @xerub’s key covers stays readable.
What all this shows is that no system is 100% unhackable. It also shows that Apple has done a pretty good job of making life as difficult as possible for someone seeking unauthorised access to an iOS or macOS device with this hardware.