Apple has finally explained most of its security details behind its Touch ID technology. Could this be a knee jerk reaction to people's wow reaction to Samsung Galaxy S5's fingerprint scanner?
Apple has released a new white paper about iOS security, and they explain how it works and it looks like it is far more secure than people may have thought.
The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchase on behalf of the user. Communication between the A7 and the Touch ID sensor takes place over a serial peripheral interface bus. The A7 forwards the data to the Secure Enclave but cannot read it. It's encrypted and authenticated with a session key that is negotiated using the device's shared key that is built into the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrap- ping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.
The 88-by-88-pixel, 500-ppi raster scan is temporarily stored in encrypted memory within the Secure Enclave while being vectorized for analysis, and then it's discarded after. The analysis utilizes subdermal ridge flow angle mapping, which is a lossy process that discards minutia data that would be required to reconstruct the user's actual finger- print. The resulting map of nodes never leaves iPhone 5s, is stored without any identity information in an encrypted format that can only be read by the Secure Enclave, and is never sent to Apple or backed up to iCloud or iTunes.
On devices with an A7 processor, the Secure Enclave holds the cryptographic class keys for Data Protection. When a device locks, the keys for Data Protection class Complete are discarded, and files and keychain items in that class are inaccessible until the user unlocks the device by entering their passcode. On iPhone 5s with Touch ID turned on, the keys are not discarded when the device locks; instead, they're wrapped with a key that is given to the Touch ID subsystem. When a user attempts to unlock the device, if Touch ID recognizes the user's finger- print, it provides the key for unwrapping the Data Protection keys and the device is unlocked. This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device. The decrypted class keys are only held in memory, so they're lost if the device is rebooted. Additionally, as previously described, the Secure Enclave will discard the keys after 48 hours or 5 failed Touch ID recognition attempts.
It is about time they explained stuff. Weird that it took them this long. [Apple via Engadget]
By the time your children receive a new iPad, they will be curious and play with it all day long. The problem is that you don’t know what they are doing with the iPad. To keep them secure from any dangerous or abuse virtual activities, it is better to use iPad spy app. To get trusted and reputable iPad spy app, you may use iKeyMonitor to help you. Read more
When learning about forex trading, you can choose to either start by taking the direct approach or the indirect approach. With the direct approach, you familiarize yourself with the core aspects of the trade. With the indirect approach, you mainly focus on the alternative side of the trade in general. Both the direct and indirect approaches are necessary to be a great trader. Among the vital issues you can learn about when focusing on the indirect approach are the things to avoid in forex trading. The following are the 7 things you must avoid to succeed in forex trading. Read more