Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Would it be infeasible to construct part of the private key out of hardware-specific id's + time-of-creation hashes? I assume it's not only the PIN?



That's what the A7 (iPhone 5S and later) design does:

“Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, entangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space. Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key entangled with the UID and an anti-replay counter.”

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

The device in question is an iPhone 5C, which uses the older A6 design.


Thanks for the link! I knew there had to be more technical information out there but couldn't find it on an initial search.


Yeah, it wasn't exactly unknown before but it wasn't terribly common outside of certain security / compliance circles. I think I've seen more links today than in the previous year.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: