Reportedly, a full decryption key for Apple’s Secure Enclave Processor (SEP) firmware has been released by a hacker known by the handle xerub.
— ~ (@xerub) August 16, 2017
The importance of the SEP is of such magnitude due to it handling Touch ID transactions and being isolated from the rest of its host device that, if this hack proves to be true, it could be a major blow to iOS security. Any kind of Apple device you have doesn’t know what’s going on in the SEP, which means no one else does, either, but that might change today. Because if the firmware code is exposed, SEP vulnerabilities will be hunted down and used maliciously.
Back to the iPhone 5S, with which came the Touch ID, a tiny coprocessor was put in the main S-series and now A-series processor chip. The coprocessor in question runs on its own entirely, with a separate OS, separate updates and all of its doing being hidden from the rest of the device.
One of the key points of the SEP is its generation of the device’s Unique ID (UID). That UID is moreover secured by tangling it up with an ephemeral key that is replaced every time the device is rebooted.
The reason for the existence of the SEP is to protect the UID, and that is why all Touch ID actions such as password verification and similar security processes happen in the SEP.
Now that the SEP’s firmware code is exposed to the rest of the world, due to the efforts of the hacker xerub, you can find the key here, and this GitHub repository contains what you need to decrypt it, and this one has the tools to process it.
xerub said that it worries him that Apple had the SEP hidden behind a key. He believes that SEP is an amazing tech but because it is a black box, its obscurity doesn’t add too much for security.
He also said that expert hackers won’t be stopped by black boxes, instead just slowed down a bit. In the long run, xerub believes that the public exposure will only add to the security of SEP. It will be just another arms race between hackers and tech companies that will ultimately lead to a safer user program.
The decryption of the SEP’s firmware is a big deal for both sides. xerub said that it could be possible, though very hard to watch the SEP do its work and reverse engineer its process, gain access to passwords and fingerprint data, and go even further toward rendering any security relying on the SEP completely ineffective.
As he said, the decryption of the firmware itself doesn’t mean that the user data gets decrypted at the same time, instead, it involves a lot of additional work. In short, xerub doesn’t think that his decryption will be going to have a massive impact.
An Apple spokesperson that will not be named stated that this doesn’t directly impact the customer data since they are a lot of layers of security in the SEP. The source added that it would be a leap to say that this decryption would make it possible to reach the customer data.
Apple does not plan to roll out a fix at this time.