SecureMac, Inc.

Hacker Gains Access to iPhone 5 Secure Enclave Key, Opens Door for More Research

September 29, 2017

While the iPhone’s fingerprint scanner and its associated TouchID functionality provide a wealth of convenience to users, it also brings some unique security challenges. Biometric data is one of the most personally identifiable and irreplaceable types of information out there. While someone who steals your fingerprint data may not be able to unlock many doors right now, that doesn’t mean it will always be the case. As a result, Apple put serious effort into developing a method for securely handling the verification of fingerprint data. The result was the …

Hacker Gains Access to iPhone 5 Secure Enclave Key, Opens Door for More Research

While the iPhone’s fingerprint scanner and its associated TouchID functionality provide a wealth of convenience to users, it also brings some unique security challenges. Biometric data is one of the most personally identifiable and irreplaceable types of information out there. While someone who steals your fingerprint data may not be able to unlock many doors right now, that doesn’t mean it will always be the case. As a result, Apple put serious effort into developing a method for securely handling the verification of fingerprint data. The result was the Secure Enclave.

Your phone’s operating system will send the data from the sensor into the Secure Enclave Processor, but it cannot read anything the enclave processor does. This unit compares secure fingerprint data with the known records while using strong encryption. All this involves many complex security key exchanges. However, a hacker has recently announced a successful effort to extract the key used to decrypt some of the information inside the Enclave.

Working on an iPhone 5s, the hacker (known as “xerub”) carefully inspected the communications between the Touch ID sensor and the Secure Enclave Processor. By digging deep into the software used for these digital discussions, he was able to create a tool that could extract the encryption key used during one step of the process. Having the key would potentially allow for the decryption of the resulting data.

So, what does all this mean? For now, there isn’t much cause for concern; this research is still in the very early stages, and it’s not currently possible to develop an effective attack using the key. Additionally, the tool created by the hacker cannot examine information passed between the Secure Enclave Processor and the touch sensor. Therefore, the result of this research is largely of experimental value; it will serve as the basis for future investigations into the potential vulnerabilities in the iPhone. Since any attack could only target one device at a time, there is no widespread threat.

Nonetheless, it’s an important sign that there are forces at work to understand and ultimately exploit these systems. Even so, it also provides Apple the opportunity to re-evaluate its approaches and adjust for enhanced security if necessary. Users need not worry about the security of their fingerprints today, but this is certainly a story we will keep an eye on in the future.

Get the latest security news and deals