What is Apple's Secure Enclave and how does it protect iPhone and Mac?
iPhones and Macs with Touch ID or Face ID use a separate processor to handle users' biometric information. It is called the Secure Enclave. It is basically a complete computer in its own right, and it offers a wide range of security features.
The Secure Enclave boots separately from the rest of the device. It runs its own small kernel, which the operating system and programs running on the device cannot access directly. It has 4MB of flash memory, used exclusively for storing 256-bit elliptic curve private keys. These keys are unique to your device and are never synced to the cloud; even the device's main operating system cannot see them directly. Instead, the system asks the Secure Enclave to decrypt information using the keys.
Why does Secure Enclave exist?
The Secure Enclave makes it difficult for hackers to decrypt sensitive information without access to your device. Because the Secure Enclave is a separate system and the main operating system never sees the decryption keys, it is difficult to decrypt the data without proper access.
Please note that biometric information is not stored in the Secure Enclave; 4MB is not enough storage space for all that data. Instead, the Enclave stores the encryption keys used to lock that biometric data.
Third-party programs can also create and store keys in the Enclave to lock data, but applications never have access to those keys. Instead, applications ask the Secure Enclave to encrypt and decrypt data. This means any information encrypted with the Enclave is extremely difficult to decode on any other device.
Apple's documentation for developers describes it as follows:
When storing a private key in Secure Enclave, the user instructs Secure Enclave to create a key, securely store it, and perform operations with it. You only receive the output of these operations, such as encrypted data or cryptographic signature verification results.
The Secure Enclave cannot import keys from other devices: it is specifically designed to create and use keys on your phone or computer. This makes it difficult to decode the information on any other device.
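The create-and-use model described above, sketched with Apple's CryptoKit as an added example (not code from this article or from Apple's documentation). The names `makeEnclaveKey` and `EnclaveDemoError` are hypothetical, and the code assumes it runs on a device that has a Secure Enclave.

```swift
import CryptoKit
import Foundation
import Security

// Hypothetical error type for this added example.
enum EnclaveDemoError: Error { case unavailable, accessControl }

/// Asks the Secure Enclave to generate a P-256 signing key.
/// The returned value is a handle: the private scalar never enters app memory.
func makeEnclaveKey() throws -> SecureEnclave.P256.Signing.PrivateKey {
    guard SecureEnclave.isAvailable else { throw EnclaveDemoError.unavailable }
    var cfError: Unmanaged<CFError>?
    guard let access = SecAccessControlCreateWithFlags(
        nil,
        kSecAttrAccessibleWhenUnlockedThisDeviceOnly, // usable only on this device, only while unlocked
        [.privateKeyUsage],                           // permit private-key operations such as signing
        &cfError
    ) else { throw EnclaveDemoError.accessControl }
    return try SecureEnclave.P256.Signing.PrivateKey(accessControl: access)
}

/// Runs one sign/verify round trip and returns whether both checks passed.
func runDemo() throws -> Bool {
    let key = try makeEnclaveKey()
    let message = Data("constructed sample message".utf8) // constructed input

    // The signature is computed inside the enclave; the app receives only the output.
    let signature = try key.signature(for: message)
    let valid = key.publicKey.isValidSignature(signature, for: message)

    // dataRepresentation is an encrypted blob, not the raw key. It can be stored
    // by the app, but only the enclave that created it can turn it back into a key.
    let blob = key.dataRepresentation
    let restored = try SecureEnclave.P256.Signing.PrivateKey(dataRepresentation: blob)
    let sameKey = restored.publicKey.rawRepresentation == key.publicKey.rawRepresentation

    return valid && sameKey
}

do {
    print("round trip succeeded:", try runDemo())
} catch {
    print("Secure Enclave demo failed:", error)
}
```

The public key is the only key material the app can export; copying the blob to another device and restoring it there fails, which is the non-importability the paragraph above describes.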
Has the Secure Enclave been hacked?
The Secure Enclave is an elaborate system that makes it hard for hackers to get into a device protected by it. But nothing is absolutely safe. In the summer of 2017, hackers revealed that they had decrypted the Secure Enclave firmware, giving insight into how the Enclave works. However, it is worth noting that hackers have yet to find a way to retrieve the encryption keys stored in the Enclave: they only decrypted the firmware.
Clear the Enclave before selling a Mac
The keys in the Secure Enclave on an iPhone are deleted when you perform a factory reset. In theory, they are also deleted when you reinstall macOS, but Apple advises users to clear the Secure Enclave on a Mac if they used anything except the official macOS installer.