fabio168

Q: iCloud Keychain

Just for my curiosity and knowledge, from a software or hardware standpoint, the iCloud Keychain service, on top of 256-bit AES encryption, in order to protect users' data, also uses:

Elliptic Curve Asymmetric Cryptography and Key Wrapping

What does it mean?

Thank you so much and have a wonderful day.

iMac (27-inch, Late 2013), OS X Yosemite (10.10.2)

Posted on Oct 11, 2015 1:10 PM


  • by OftenSilent, Helpful

    OftenSilent Nov 22, 2015 6:38 PM in response to fabio168
    Level 1 (5 points)

    @fabio168

    I know this is a bit late, but I ran across your post while searching for information about Apple passcodes, keychains, Touch ID, and full-disk encryption. Your question may stem from iCloud security and privacy overview.


    In that document it states: [iCloud Keychain] Uses 256-bit AES encryption to store and transmit passwords and credit card information. Also uses elliptic curve asymmetric cryptography and key wrapping.

    So it sounds like 256-bit AES encryption is used when storing and transmitting passwords and credit card information.

    From reading iOS Security 9.0 or later [PDF], elliptic curve cryptography (ECC) is used when providing a Keychain recovery mechanism by uploading a user’s keychain to Apple wrapped with the user’s iCloud Security Code and the device’s hardware public key.


    If you're looking for more information about ECC, this should give you a good start: A (relatively easy to understand) primer on elliptic curve cryptography.

     

    OS
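
As an added illustration (not part of either post above, and not Apple's implementation), this Node.js example shows the general pattern the quoted sentence names: an item encrypted with a 256-bit AES key, and that key "wrapped" under a key-encryption key derived by elliptic-curve Diffie-Hellman. The curve (P-256), HKDF-SHA256 and its label, RFC 3394 as the wrap mode, and all function names are assumptions chosen for the example.

```javascript
const crypto = require("node:crypto");
const RFC3394_IV = Buffer.alloc(8, 0xa6); // RFC 3394 default integrity-check value

// Derive a 256-bit key-encryption key (KEK) from an ECDH shared secret.
// Assumption: HKDF-SHA256 with a constructed label; the page names no KDF.
function deriveKek(ecdh, peerPublicKey) {
  const shared = ecdh.computeSecret(peerPublicKey);
  return Buffer.from(crypto.hkdfSync("sha256", shared, Buffer.alloc(0), "example-kek", 32));
}

// Wrap dataKey for the holder of recipientPublicKey (ephemeral-static ECDH).
function wrapKey(recipientPublicKey, dataKey) {
  const eph = crypto.createECDH("prime256v1");
  const ephemeralPublicKey = eph.generateKeys();
  const kek = deriveKek(eph, recipientPublicKey);
  const c = crypto.createCipheriv("aes256-wrap", kek, RFC3394_IV);
  return { ephemeralPublicKey, wrapped: Buffer.concat([c.update(dataKey), c.final()]) };
}

// Unwrap with the recipient's ECDH object; throws if the key or blob is wrong.
function unwrapKey(recipient, { ephemeralPublicKey, wrapped }) {
  const d = crypto.createDecipheriv("aes256-wrap", deriveKek(recipient, ephemeralPublicKey), RFC3394_IV);
  return Buffer.concat([d.update(wrapped), d.final()]);
}

// AES-256-GCM protects the stored item itself under the random data key.
function encryptItem(dataKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", dataKey, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function decryptItem(dataKey, { iv, ct, tag }) {
  const d = crypto.createDecipheriv("aes-256-gcm", dataKey, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]);
}

// Constructed round trip: only the ciphertext and the wrapped key are stored.
function demo() {
  const recipient = crypto.createECDH("prime256v1");
  const recipientPublicKey = recipient.generateKeys();
  const dataKey = crypto.randomBytes(32);
  const item = encryptItem(dataKey, Buffer.from("constructed sample password"));
  const wrapped = wrapKey(recipientPublicKey, dataKey);
  return decryptItem(unwrapKey(recipient, wrapped), item).toString();
}
console.log(demo());
```

Whoever stores the ciphertext and wrapped key cannot read the item without the recipient's private key, which is the property key wrapping is meant to provide.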