Secure Enclave

Hacker Decrypts Apple’s Secure Enclave Processor Firmware →

November 28, 2017 · 09:03

iClarified:

Hacker xerub has posted the decryption key for Apple’s Secure Enclave Processor (SEP) firmware.

The security coprocessor was introduced alongside the iPhone 5s and Touch ID. It performs secure services for the rest of the SOC and prevents the main processor from getting direct access to sensitive data. It runs its own operating system (SEPOS) which includes a kernel, drivers, services, and applications […]

Decryption of the SEP Firmware will make it easier for hackers and security researchers to comb through the SEP for vulnerabilities.

iPhone Secure Enclave Firmware Key Found →

August 21, 2017 · 08:49

David Schuetz:

Earlier today, it was reported that a hacker/researcher called “xerub” had released the encryption key, and tools to use it, for the firmware that runs the Secure Enclave Processor (SEP) on iPhone 5S. Reporting was…breathless. Stories suggested that this move was “destroying key piece of iOS mobile security,” and that we should “be on the lookout for Touch ID hacks” and “password harvesting scams.”

Is it really that bad? No, not really (…)

What was released today was the key to decrypt that firmware, but not a key to decrypt the region of disk used by the SE to store data. So now we can actually reverse-engineer the SE system, and hopefully gain a much better understanding of how it works. But we can’t decrypt the data it processes.

Speculation on Whether the Secure Enclave Is Secure →

February 18, 2016 · 02:17

Dan Guido :

I initially speculated that the private data stored within the SE was erased on update but I now believe this is not true. After all, Apple has updated the SE with increased delays between passcode attempts and no phones were wiped. In all honestly, only Apple knows the exact details.

A lot of ideas have been thrown out there over the past few hours. I wonder what the next few will bring — this is all extremely interesting.