iCloud Keychain encryption

Hi. I know that when I enable iCloud Keychain sync on my device, Apple encrypts my local keychain and stores it on their servers. They use end-to-end encryption: data is encrypted on the device and cannot be read by Apple.

My question is: what key does Apple use to encrypt the Keychain? From official documentation and third-party articles, it seems that they use a key derived only from my device passcode, which is a very short and weak 4-digit string. It means that in case someone was able to break into Apple servers and steal the data, they could easily brute-force it and reveal the content, since it's only protected by encryption with 10^4 of entropy.

Please correct me if I am wrong!

Posted on Feb 24, 2021 4:30 AM


Feb 24, 2021 6:39 PM in response to tygb

Thanks for providing those resources. I've gone through them.

I didn't find anything that could help me in the first link.

In the second link (iCloud Keychain recover page) I found this sentence:

If two-factor authentication is enabled for the user’s account, the device passcode is used to recover an escrowed Keychain

This sounds like the only thing needed to recover (decrypt) the iCloud keychain is one of my devices' passcodes.

So I don't see anything that goes against my original conclusion.

Could you please describe in more detail what you meant?
