Yesterday, a well-respected security researcher published a decryption key for the Apple Secure Enclave Processor (SEP) firmware exposing a critical new risk within iOS. The SEP is a key aspect of iOS security controls. Public disclosure of the key matters because the integrity of the Secure Enclave Processor (SEP) is critical to the integrity of the iOS platform, iPad and iPhone devices, and the mobile apps that run on them. If the integrity of SEP is in question, so too is the security of apps that use iOS Keychain Services, Apple Pay, or Touch ID for authentication/authorization use cases. The NowSecure mobile threat research team has confirmed the validity of the key and identified potentially affected apps by analyzing a sample of popular apps using the NowSecure Platform’s unique iOS dynamic analysis capabilities.

With this information now exposed, both researchers and adversaries are likely to explore the SEP code which was previously hidden from view. The end result could be net positive (flaws identified and fixed), but there’s always the chance that attackers will also take advantage and exploit identified flaws. In other words, the mobile attack surface has yet again expanded.

Is this just hype or something I need to worry about?

At the risk of oversimplifying, the Secure Enclave Processor (SEP) creates a cordoned-off, secure operating system within an iOS device. It prevents the main processor from accessing sensitive data stored (and encrypted) within it. Prior to the disclosure of the decryption key published yesterday, information about the SEP (and potential risks) and its kernel, drivers, services and applications was minimal. However, a talk presented at Black Hat USA 2016, “Demystifying the Secure Enclave Processor,” provided a peek into the inner-workings of the SEP (links: slides and full whitepaper).

The SEP firmware is based on a customized L4 microkernel. So, the community has a good start on understanding some aspects of it. With the SEP encryption key, however, researchers can examine the actual iOS implementation as opposed to theoretical attacks based on what’s known about the L4 kernel.

The NowSecure mobile threat research team has downloaded and analyzed the assets provided by @xerub, the researcher that published the key and related tools, and has independently verified that the decryption key is indeed valid. Because the SEP firmware can now be decrypted, individuals with both good (e.g., security researchers) and bad (e.g., adversaries) intentions have more information about essential security controls protecting iOS devices.

It’s sometimes easy to misunderstand the relevance of security news and draw incorrect conclusions. So it’s important to be clear about what the disclosure of the SEP encryption key means:

  • The key can be used to decrypt the iOS Secure Enclave Processor (SEP) firmware — independently validated by the NowSecure mobile threat research team
  • Researchers can probe the unencrypted firmware using reverse engineering techniques and learn exactly how the SEP works
  • The results of the SEP analysis can lead to both improved security (findings and patching flaws) as well at opportunities for attackers to exploit unpatched flaws

And it’s equally important to avoid exaggerating the current risk, so bear in mind:

  • This does NOT mean that the data protected within the SEP (e.g., biometrics, keychain values, etc.) can be compromised at this time
  • This does NOT mean there are known attacks against the SEP in-the-wild based on this information
  • This does NOT mean apps that use SEP services are immediately vulnerable to attacks or are leaking sensitive data

Risks to iOS apps that use iOS Keychain Services

Thanks to the NowSecure Platform’s unique ability to provide dynamic analysis of iOS apps, our mobile threat research team analyzed a representative sample of popular iOS apps on the Apple App Store across numerous genres. A key feature provided by the SEP is iOS Keychain Services which an app will use to securely store sensitive data within an encrypted database.

By identifying apps that make calls to iOS Keychain Services, it’s possible to point out apps that depend on SEP. As one might expect, the results of the analysis are not particularly surprising but portend some potential risks. Almost every mobile app makes use of SEP and related features because they provide an indispensible security benefit. Again, remember that just because an app is included in the list does not mean it is necessarily vulnerable because it uses SEP. It means there is now publicly available information about SEP that hackers might try to exploit in the future. And of course, this recent development will have more impact on critical apps that deal in sensitive data. If you’re interested in the list culled using our NowSecure Intelligence product, contact us.

How do I protect my company?

Mature organizations implement a top down, layered approach to security and risk management including strategy, policies and standards (aka defense in depth). A holistic approach provides broad coverage for unknown and emerging risks. While the risk incurred by the decryption of the Secure Enclave Processor firmware would fall within such a program, we often find that organizations lack the mobile knowledge or experience to implement specific controls for ensuring mobile app security.

While mobile security programs cannot eliminate all risk, several key steps of an effective program would include:

  • Understanding what data might be at risk
  • Assessing the impact of a breach of the data’s confidentiality, integrity, or availability
  • Methods for detecting whether data has been compromised
  • Defining/implementing controls in place to minimize the loss
  • Continually monitoring custom and third-party commercial apps for security risks
  • A clear plan on how to respond to an incident involving this threat

To learn more about how the NowSecure Platform can help you manage overall mobile app security risk and more specifically risk related to the Secure Enclave Processor (SEP) in iOS, email us at [email protected] or fill out our contact form.

 

What to read next:
Andrew Hoog, CEO and Co-founder of NowSecure

Andrew Hoog

linkedin icon twitter icon

Founder

Andrew Hoog is a computer scientist, mobile forensics researcher, and Founder and Board Member of NowSecure. Hoog has one patent issued, and two pending, and is the author of two books on mobile forensics and security. When not breaking (or fixing) things, he enjoys great wine, science fiction, running and tinkering with geeky gadgets.