ON THE SECURITY OF THE ICLOUD KEYCHAIN
Andrey BelenkoviaForensics
ICLOUD
• Introduced in 2011
• iOS 5 and OS X 10.7
• 320M accounts (July 2013)
ICLOUD
ICLOUD STORAGE
ICLOUD KEYCHAIN
ICLOUD KEYCHAIN
• Introduced in 2013
• iOS 7.0.3 and OS X 10.9
• Two different services:
• iCloud Keychain Sync
• iCloud Keychain (Escrow and) Recovery
INTERCEPTING COMMS
iCloud.com certificate is not pinned
FIRST STEPS
FIRST STEPSGET /authenticate
AppleID, password
FIRST STEPS
DsID, mmeAuthToken, fmipAuthToken
GET /authenticate
AppleID, password
FIRST STEPS
DsID, mmeAuthToken, fmipAuthToken
GET /authenticate
AppleID, password
GET /get_account_settings
AppleID, password
FIRST STEPS
DsID, mmeAuthToken, fmipAuthToken
GET /authenticate
AppleID, password
Account informationAccount settings
GET /get_account_settings
AppleID, password
ACCOUNT SETTINGS
ACCOUNT SETTINGS
ACCOUNT SETTINGS
SETUP
THE BIG PICTUREescrowproxy.icloud.comkeyvalueservice.icloud.com
THE BIG PICTURE
Keychain (encrypted)
Keybag (encrypted)
escrowproxy.icloud.comkeyvalueservice.icloud.com
THE BIG PICTURE
Keychain (encrypted)
Keybag (encrypted)
escrowproxy.icloud.comkeyvalueservice.icloud.com
Keychain sync
THE BIG PICTURE
Keychain (encrypted)
Keybag (encrypted)
escrowproxy.icloud.comkeyvalueservice.icloud.com
Master Secret
Keychain sync
KEY-VALUE STORE• Not new
• Many apps use it to keep in sync across devices
• iCloud Keychain uses two stores:• com.apple.security.cloudkeychainproxy3
• Syncing between devices
• com.apple.sbd3 (securebackupd3)• Restore if no other devices
ICLOUD KEYCHAIN SYNCcom.apple.security.cloudkeychainproxy3
Sign(usrPwd, Bpub)
Sign(Bpriv, (Apub, Bpub))
Sign(Apriv, Apub)Sign(userPwd, Apub)
Sign(Apriv, (Apub, Bpub))Sign(userPwd, (Apub, Bpub))
KEY-VALUE STOREcom.apple.sbd3
Key Description
com.apple.securebackup.enabled Is Keychain data saved in KVS?
com.apple.securebackup.record Keychain records, encrypted
SecureBackupMetadata iCSC complexity, timestamp, country
BackupKeybag Keybag protecting Keychain records
BackupUsesEscrow Is keybag password escrowed?
BackupVersion Version, currently @“1”
BackupUUID UUID of the backup
ESCROW PROXY• New, designed to store precious secrets
• MFA to recover escrowed data
• Must be signed into iCloud
• Must provide 6-digit code sent via SMS
• Must prove knowledge of iCSC via SRP
• Data destroyed after ~10 failed attempts
• User-Agent: com.apple.lakitu (iOS/OS X)
DATA ESCROWescrowproxy.icloud.com
keyvalueservice.icloud.com
DATA ESCROWescrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
DATA ESCROW
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
DATA ESCROW
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
AES-GCM256 bit
Encrypted Keychain
DATA ESCROW
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
AES-GCM256 bit
Encrypted Keychain
DATA ESCROW
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
AES-GCM256 bit
Encrypted Keychain
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA ESCROW
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
AES-GCM256 bit
Encrypted Keychain
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA ESCROW
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
AES-GCM256 bit
Encrypted Keychain
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA RECOVERYescrowproxy.icloud.com
keyvalueservice.icloud.com
DATA RECOVERYescrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
DATA RECOVERYescrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
DATA RECOVERYPBKDF2
SHA-256 x 10’000
AES-CBC256 bit
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
DATA RECOVERY
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
DATA RECOVERY
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA RECOVERY
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA RECOVERY
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
AES-GCM256 bit
Encrypted Keychain
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA RECOVERY
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
Backup KeybagKey 1Key 2Key 3
escrowproxy.icloud.com
keyvalueservice.icloud.com
iCloud Security Code1234
AES-GCM256 bit
Encrypted Keychain
AES-Wrap KeysRFC 3394
Encrypted Keybag
DATA RECOVERY
escrowproxy.icloud.com
DATA RECOVERY/get_records
List of escrowed recordsescrowproxy.icloud.com
DATA RECOVERY/get_records
List of escrowed records
/get_sms_targets
List of phone numbers
escrowproxy.icloud.com
DATA RECOVERY/get_records
List of escrowed records
/get_sms_targets
List of phone numbers
/generate_sms_challenge
OK
escrowproxy.icloud.com
DATA RECOVERY/get_records
List of escrowed records
/get_sms_targets
List of phone numbers
/generate_sms_challenge
OK
/srp_init [DsID, A, SMS CODE]
[UUID, DsID, SALT, B]
escrowproxy.icloud.com
DATA RECOVERY/get_records
List of escrowed records
/get_sms_targets
List of phone numbers
/generate_sms_challenge
OK
/srp_init [DsID, A, SMS CODE]
[UUID, DsID, SALT, B]
/recover [UUID, DsID, M, SMS CODE]
[IV, AES-CBC(KSRP, Escrowed Record)]
escrowproxy.icloud.com
SECURE REMOTE PASSWORD • Zero-knowledge password proof scheme
• Combats sniffing/MITM
• One password guess per connection attempt
• Password verifier is not sufficient for impersonation
• Escrow Proxy uses SRP-6a
Key Negotiation
a ← randomA ← g^a
b ← randomB ← kv + g^b
u ← H(A, B) u ← H(A, B)x ← H(SALT, Password)S ← (B - kg^x) ^ (a + ux)K ← H(S)
S ← (Av^u) ^ bK ← H(S)
Key Verification
M ← H(H(N) ⊕ H(g), H(ID), SALT, A, B, K)
(Aborts if M is invalid)
ID, A
SALT, B
M
H(A, M, K)
Password verifier:
SALT ← randomx ← H(SALT,Password)v ← g^x (mod N)
Agreed-upon parameters:
H – one-way hash functionN, g – group parametersk ← H(N, g)
Key Negotiation
a ← randomA ← g^a
b ← randomB ← kv + g^b
u ← H(A, B) u ← H(A, B)x ← H(SALT, Password)S ← (B - kg^x) ^ (a + ux)K ← H(S)
S ← (Av^u) ^ bK ← H(S)
Key Verification
M ← H(H(N) ⊕ H(g), H(ID), SALT, A, B, K)
(Aborts if M is invalid)
ID, A, SMS CODE
SALT, B
M, SMS CODE
H(A, M, K)
Password verifier:
SALT ← randomx ← H(SALT,Password)v ← g^x (mod N)
Agreed-upon parameters:
H – SHA-256N, g – RFC 5054 w. 2048-bit groupk ← H(N, g)
ESCROW PROXY COMMANDS
Endpoint Description
get_club_cert Obtains some certificate for a userenroll Escrows a record and returns phoneToken
get_records Lists escrowed recordsget_sms_targets Lists phone numbers used for verification
generate_sms_challenge Sends SMS challengesrp_init First step of SRP protocolrecover Second step of SRP protocol
alter_sms_target Given a phoneToken, changes phone number used for verification
ALTER_SMS_TARGET
• Changes phone number used for verification
• Stricter authentication: requires AppleID password
• Authentication token won’t work
• Requires phoneToken returned at escrow time
• iOS 8 finally exposes this in the UI
ESCROW RECORD
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
iCloud Security Code1234
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
Backup KeybagKey 1Key 2Key 3
AES-GCM256 bit
AES-Wrap KeysRFC 3394
escrowproxy.icloud.com
keyvalueservice.icloud.com
Encrypted Keychain
Encrypted Keybag
ESCROW RECORD
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
iCloud Security Code1234
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
escrowproxy.icloud.com
ESCROW RECORD
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
iCloud Security Code1234
PBKDF2SHA-256 x 10’000
AES-CBC256 bit
escrowproxy.icloud.com
EscrowRecord ← AES-CBC(Key, RandomPassword)
Key ← PBKDF2-SHA256(iCSC, 10’000)
ESCROW RECORDEscrowRecord ← AES-CBC(Key, RandomPassword)
Key ← PBKDF2-SHA256(iCSC, 10’000)
This is stored by AppleThis is 4 digits by default
For default settings access is totally feasible!
ESCROW RECORD• Offline iCSC guessing is possible
• Almost instant recovery [for default settings]
• iCSC decrypts keybag password
• Keybag password unlocks keybag keys
• Keybag keys decrypt Keychain items
Apple, or other adversary with access to stored data, can near-instantly decrypt “master” password and consequently decrypt backed up
iCloud Keychain records
(for default settings)
BUT CAN APPLE ACCESS STORED DATA?
HARDWARE SECURITY MODULE
• Apple claims it uses HSMs for storing escrowed data
• Impossible to verify from outside
SETUP
DATA ESCROW
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
iCloud Security Codecorrect horse battery staple PBKDF2
SHA-256 x 10’000
AES-CBC256 bit
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
Backup KeybagKey 1Key 2Key 3
AES-GCM256 bit
AES-Wrap KeysRFC 3394
escrowproxy.icloud.com
keyvalueservice.icloud.com
Encrypted Keychain
Encrypted Keybag
COMPLEX ICSC
• Mechanics are the same as with simple iCSC
• Offline password recovery attack is still possible, although pointless if password is complex enough
SETUP
DATA ESCROW
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
Backup KeybagKey 1Key 2Key 3
AES-GCM256 bit
AES-Wrap KeysRFC 3394
keyvalueservice.icloud.com
Encrypted Keychain
Encrypted Keybag
AES-CBC256 bit
iCloud Security Codecorrect horse battery staple PBKDF2
SHA-256 x 10’000
escrowproxy.icloud.com
DATA ESCROWRandom Password
BL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
Backup KeybagKey 1Key 2Key 3
AES-GCM256 bit
AES-Wrap KeysRFC 3394
keyvalueservice.icloud.com
Encrypted Keychain
Encrypted Keybag
RANDOM ICSC
Escrow Proxy is not used
SETUP
DATA ESCROW
keyvalueservice.icloud.com
escrowproxy.icloud.com
Random PasswordBL7Z-EBTJ-UBKD-X7NM-4W6D-J2N4
Keychain PasswordsyMa9ohCJtzzcVhE7sDVoCnb
Backup KeybagKey 1Key 2Key 3
AES-GCM256 bit
AES-Wrap KeysRFC 3394
Encrypted Keychain
Encrypted Keybag
AES-CBC256 bit
iCloud Security Codecorrect horse battery staple PBKDF2
SHA-256 x 10’000
DATA ESCROW
keyvalueservice.icloud.com
escrowproxy.icloud.com
NO ICSC
Escrow Proxy is not used
Keychain is not backed up
ATTACK SURFACEiCloud Keychain Services
Master Password Escrow iCloud Keychain Backup iCloud Keychain Sync
No iCloud Security Code
Random iCloud Security Code
Complex iCloud Security Code
Simple iCloud Security Code (default)
CONCLUSIONS
CONCLUSIONS
• Trust your vendor but verify his claims
• Never use simple iCloud Security Code
• Overall, iCloud Keychain is reasonably well engineered
Q & A