Difference between revisions of "Secure Enclave"

From The iPhone Wiki
Jump to: navigation, search
(removed redundancy)
m
Line 1: Line 1:
The '''Secure Enclave''' is part of the [[A7]] and newer chips used for [[Touch ID]]. Within the Secure Enclave, the fingerprint data is stored in an encrypted form which - according to Apple - can only be decrypted by a key available by the Secure Enclave thus making fingerprint data walled off from the rest of A7 Chip and the rest of iOS. The secure enclave itself is a flashable 4MB processor called the secure enclave processor (SEP) as documented in [http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220130308838%22.PGNR.&OS=DN/20130308838&RS=DN/20130308838 Apple Patent Application 20130308838]. The technology used is essentially [http://www.arm.com/products/processors/technologies/trustzone/index.php ARM's TrustZone/SecurCore].
+
The '''Secure Enclave''' is part of the [[A7]] and newer chips used for [[Touch ID]]. Within the Secure Enclave, the fingerprint data is stored in an encrypted form which - according to Apple - can only be decrypted by a key available by the Secure Enclave thus making fingerprint data walled off from the rest of the A7 Chip and the rest of iOS. The secure enclave itself is a flashable 4MB processor called the secure enclave processor (SEP) as documented in [http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220130308838%22.PGNR.&OS=DN/20130308838&RS=DN/20130308838 Apple Patent Application 20130308838]. The technology used is essentially [http://www.arm.com/products/processors/technologies/trustzone/index.php ARM's TrustZone/SecurCore].
   
 
The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver as seen [http://winocm.com/images/ioregdump.txt here]
 
The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver as seen [http://winocm.com/images/ioregdump.txt here]

Revision as of 08:02, 12 December 2017

The Secure Enclave is part of the A7 and newer chips used for Touch ID. Within the Secure Enclave, the fingerprint data is stored in an encrypted form which - according to Apple - can only be decrypted by a key available by the Secure Enclave thus making fingerprint data walled off from the rest of the A7 Chip and the rest of iOS. The secure enclave itself is a flashable 4MB processor called the secure enclave processor (SEP) as documented in Apple Patent Application 20130308838. The technology used is essentially ARM's TrustZone/SecurCore.

The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver as seen here

SEP OS

The SEP has its own OS called SEP OS and there exists a tool called seputil which is used to communicate with it.

Further References

www.forbes.com