Wireless and Mobile Security

WiFi security
iOS security
Android security

Introduction to WiFi
– no inherent physical protection
– Broadcast communications

The early solution was based on WEP
seriously flawed
not recommended for use
The new security standard for WiFi is 802.11i, implemented as WiFi Protected Access II (WPA2)

Overview of 802.11i
Main advantages over WEP
access control model is based on 802.1X
flexible authentication framework (based on EAP – Extensible Authentication Protocol)
– Carrier protocol designed to transport the messages of real authentication protocols (e.g., TLS – Transport Layer Security)

authentication process results in a shared session key
different functions (encryption, integrity) use different keys derived from the session key using a one-way function
integrity protection is improved
encryption function is improved
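
The per-function key derivation summarized above, as an added example that is not part of the original notes. It goes beyond the notes by using the 802.11i PRF (iterated HMAC-SHA1) and the 802.11i names: the shared session key is the pairwise master key (PMK), and the derived keys are KCK, KEK and TK. All sample values are constructed.

```python
import hashlib
import hmac

LABEL = b"Pairwise key expansion"  # fixed label defined by IEEE 802.11i


def prf(key: bytes, label: bytes, data: bytes, n_bytes: int) -> bytes:
    """802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    counter = 0
    while len(out) < n_bytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:n_bytes]


def derive_ptk(pmk, mac_a, mac_b, nonce_a, nonce_b):
    """Derive the CCMP pairwise transient key and split it by function."""
    if len(pmk) != 32 or len(nonce_a) != 32 or len(nonce_b) != 32:
        raise ValueError("PMK and nonces must be 32 bytes")
    if len(mac_a) != 6 or len(mac_b) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    # Sorting makes both peers build the same input regardless of role.
    data = (min(mac_a, mac_b) + max(mac_a, mac_b)
            + min(nonce_a, nonce_b) + max(nonce_a, nonce_b))
    ptk = prf(pmk, LABEL, data, 48)
    return {
        "KCK": ptk[0:16],   # integrity (MIC) of handshake messages
        "KEK": ptk[16:32],  # encryption of keys sent in the handshake
        "TK": ptk[32:48],   # encryption and integrity of data frames (CCMP)
    }


if __name__ == "__main__":
    # Constructed sample values, not captured from a real network.
    pmk = bytes(range(32))
    ap, sta = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    anonce, snonce = b"\xaa" * 32, b"\xbb" * 32
    for name, key in derive_ptk(pmk, ap, sta, anonce, snonce).items():
        print(name, key.hex())
```

Because HMAC-SHA1 is one-way, recovering one derived key does not reveal the PMK or the other derived keys, and fresh nonces give fresh keys for every association.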

Overview of iOS security
Software
Hardware and Firmware (crypto engine, device key, group key, Apple root certificate)

Data protection class, app sandbox, user partition, OS partition, encrypted file system, kernel, hardware and firmware

Each iOS device has a dedicated AES-256 crypto engine
Manufacture keys
Apple provides the Device ID (UID) and the device group ID (GID) as AES 256-bit keys
while the UID is unique to each device, the GID represents a processor class (e.g., Apple A5 processor)
The UID and GID keys are directly burned into the silicon and can only be accessed by the Crypto Engine

iOS Trusted Bootchain
Bootrom -> LLB -> iBoot -> Kernel

File Data Encryption
Hardware key -> file system key
passcode key -> class key -> file metadata -> file content

Every file is encrypted with a unique file key that is generated when the file is created
The file key is wrapped with a class key and stored in the file’s metadata
The metadata is encrypted with the File System Key
The class key is protected by the Device UID and (if configured for some files) the user passcode

Mandatory Code Signing
All executable code has to be signed by a trusted party
– Apps from App Store are signed by Apple
– No dynamic code generation or self-modifying code

Code signing check
– enforced by kernel, handled by a user-space daemon
– mandatory code signing