
ozaz

macrumors 68000
Original poster
Feb 27, 2011
1,575
513
Can anyone expand on this support article for me please?
http://support.apple.com/kb/ht4175

I assume the data protection feature is something more than just preventing casual access to the device through a password. However, the support article does not explain it (to me at least) in sufficient detail.

I feel these sentences need more explanation:

"Data protection enhances the built-in hardware encryption by protecting the hardware encryption keys with your passcode. This provides an additional layer of protection for your email messages, attachments, and third-party applications."
 

ozaz

macrumors 68000
Original poster
Feb 27, 2011
1,575
513
My understanding is that even if a passcode is not enabled, data can't be read from flash memory removed from the device because the encryption keys are stored on the device.

Nobody can get at your data if they don't know your passcode

So data protection is no different to passcode enabled? Am I missing something?
 

Bathplug

macrumors 6502a
Jul 12, 2010
886
229
I don't think a normal password has encryption but just stops people accessing your device. With data protection enabled it encrypts your device when it's locked. Plus wipes your device with 10 failed password attempts.

A developer told me with data encryption enabled people can't access the data of your device via a computer when the device is locked.

That's how I understand it but it could be wrong.
 

appleofmy"i"

macrumors regular
Feb 2, 2010
174
57
My understanding is this...

Your data is encrypted no matter what security lock you have set up.
Swiping across the screen (when you do NOT have a passcode lock or Touch ID setup) has the same effect as typing in the correct code. It then decrypts the data.

Until the phone is unlocked the data is encrypted and can not be accessed.

Steve Gibson did a FANTASTIC 3 part series on iOS security on TWiT. This is the first part--> http://twit.tv/show/security-now/446
 

ozaz

macrumors 68000
Original poster
Feb 27, 2011
1,575
513
Bathplug said:
I don't think a normal password has encryption but just stops people accessing your device. With data protection enabled it encrypts your device when it's locked. Plus wipes your device with 10 failed password attempts.

A developer told me with data encryption enabled people can't access the data of your device via a computer when the device is locked.

That's how I understand it but it could be wrong.

But what I don't understand is there is no independent toggle for the data protection feature. It just turns itself on when passcode is enabled. It does not seem possible to have passcode enabled, with data protection disabled.

Hence, I don't understand how it is different from passcode protection.

appleofmy"i" said:
My understanding is this...

Your data is encrypted no matter what security lock you have set up.
Swiping across the screen (when you do NOT have a passcode lock or Touch ID setup) has the same effect as typing in the correct code. It then decrypts the data.

Until the phone is unlocked the data is encrypted and can not be accessed.

Steve Gibson did a FANTASTIC 3 part series on iOS security on TWiT. This is the first part--> http://twit.tv/show/security-now/446

Thanks. Can you point me to the point where iOS security is discussed?
 

cynics

macrumors G4
Jan 8, 2012
11,959
2,154
Understanding data protection

From that article it sounds to me that it utilizes your individual passcode as part of the method for unencrypting the data. Adding an extra layer of security that is individual to your device.
 

Alonso Quijano

macrumors 6502
Jul 17, 2013
288
175
Here's a link to an Apple security article that describes several aspects of iOS security

https://www.dropbox.com/s/s1odub1l0apests/iOS_Security_Feb14.pdf

The section that deals with data protection & pass codes starts on page 8
 

ozaz

macrumors 68000
Original poster
Feb 27, 2011
1,575
513
Alonso Quijano said:
Here's a link to an Apple security article that describes several aspects of iOS security

https://www.dropbox.com/s/s1odub1l0apests/iOS_Security_Feb14.pdf

The section that deals with data protection & pass codes starts on page 8

Thanks, I took a look at that section. It's a bit technical for me, but I think it helped a bit with my understanding.

Expanding the discussion a bit beyond the data protection feature, my main security concerns if I lost my device or had it stolen are 1) access to my data if the flash storage is removed from my device to be read elsewhere, and 2) bypassing the passcode to read the data in situ.

From what I've read, here's my understanding on how iOS mitigates these threats. I'd be grateful if someone could confirm or correct my understanding.

1) All data in flash storage is encrypted by an on-device encryption chip that sits between flash storage and RAM. It uses a device-specific unique encryption key. This happens even if no device passcode is set up. This means that if flash storage is removed from the device, it cannot be read by any other device. It also facilitates instant wipe - because all that is needed is a reset of the device-specific encryption key.

2) If someone has a functioning device in hand that is passcode-protected, a potential route in would be to bypass the passcode (e.g. via a jailbreak). Potentially this would give them access to everything on the device because the on-device encryption chip is now decrypting data from flash storage on the fly. However, the data protection feature mitigates this. It's another level of protection that builds upon the hardware encryption key by creating another hidden key (based on some combination of passcode and device-specific key) to control on-device file access. The data protection feature is not something that is enabled/disabled independently of a passcode lock. It's always (and only) enabled if you are using a passcode lock. It's up to developers of individual apps how to use the data protection APIs to store data. Amongst other levels of protection, they could choose to give files complete protection (in which case they would not be readable if someone used a jailbreak to bypass the passcode lock) or they could choose to use no extra protection (in which case they would be accessible if someone used a jailbreak to bypass the passcode lock).
 
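A toy model of the key hierarchy ozaz describes in 1) and 2), added here as an illustration and not Apple's code or anything from the thread: the device key UID_KEY, the passcode, the class keys and the per-file keys are all constructed, and AES key wrapping is replaced by an HMAC-SHA256 keystream so the script runs with only the standard library. It shows why a file in the Complete class is unreadable while the device is locked while a file in the None class is not.

```python
import hashlib, hmac, os

UID_KEY = b"\x11" * 32  # constructed stand-in for the device-specific hardware key
NONE, COMPLETE = "NSFileProtectionNone", "NSFileProtectionComplete"

def stream(key: bytes, data: bytes, label: bytes) -> bytes:
    """Toy stand-in for AES: XOR data with an HMAC-SHA256 keystream (not for real use)."""
    ks = b"".join(hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def passcode_key(passcode: str) -> bytes:
    """Passcode tangled with the device key, so guessing has to run on this device."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), UID_KEY, 10_000)

class Device:
    def __init__(self, passcode: str):
        raw = {NONE: os.urandom(32), COMPLETE: os.urandom(32)}  # fresh class keys
        self.check = {c: hashlib.sha256(k).digest() for c, k in raw.items()}
        # At rest each class key is stored wrapped: by the device key alone (None
        # class) or by the passcode-derived key (Complete class).
        self.wrapped = {NONE: stream(UID_KEY, raw[NONE], b"cls"),
                        COMPLETE: stream(passcode_key(passcode), raw[COMPLETE], b"cls")}
        self.class_keys = {}  # unwrapped class keys currently held in memory
        self.files = {}
        self.unlock(passcode)

    def unlock(self, passcode: str) -> None:
        candidate = stream(passcode_key(passcode), self.wrapped[COMPLETE], b"cls")
        if hashlib.sha256(candidate).digest() != self.check[COMPLETE]:
            raise ValueError("wrong passcode")  # real iOS: key-unwrap integrity check fails
        self.class_keys[COMPLETE] = candidate
        self.class_keys[NONE] = stream(UID_KEY, self.wrapped[NONE], b"cls")

    def lock(self) -> None:
        # Locking evicts only the passcode-dependent class key; the None class stays
        # usable, which is why a lock-screen bypass still exposes files in that class.
        self.class_keys.pop(COMPLETE, None)

    def write(self, name: str, data: bytes, protection: str) -> None:
        file_key = os.urandom(32)  # per-file key, wrapped by the chosen class key
        self.files[name] = (protection, stream(self.class_keys[protection], file_key, b"file"),
                            stream(file_key, data, b"data"))

    def read(self, name: str):
        protection, wrapped_key, ciphertext = self.files[name]
        if protection not in self.class_keys:
            return None  # class key not in memory while locked: file unreadable
        file_key = stream(self.class_keys[protection], wrapped_key, b"file")
        return stream(file_key, ciphertext, b"data")
```

Pulling the flash contents off the device corresponds to having `files` and `wrapped` without UID_KEY, which leaves both classes unreadable; bypassing the lock screen corresponds to calling `read` after `lock()`, which only works for the None class.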