Wednesday, November 11, 2015

Why iPhone's passcode cannot be replaced with Touch ID

We are requested for inputing passcode rather than Touch ID when we restarting iPhone. Why? After I read iOS Security, I think I found one of the reasons.

The passcode in system memory (why?), which is disappear after we turn off iPhone, is charge of encrypting/decrypting files. However Touch ID cannot do the same thing. Why?

I explain the reason as follows.

  1. For security concern, the plaintext passcode cannot be stored in flash storage because it is easily leaked.
  2. The plaintext passcode in system memory disappears after turning off iPhone. Therefore there is no risk of leaking. Apps cannot read it at run-time because the memory's are is not readable and is encrypted by hardware (secure element.)
  3. A ciphertext passcode in flash is encrypted by a one-way algorithm (eg., SHA-1) from the plaintext one.
  4.  The iOS encrypts and decrypts files by the plaintext passcode.
  5. Why cannot we use Touch ID to encrypt files? Because the biometric data of our pressed fingers are different each time.


No comments:

Post a Comment