Christian's Docs
  • Welcome to my Docs!
  • Deep-dive
    • The Active Directory Notebook
      • AD DS: Domain Services
      • AD CS: Certificate Services
      • AD FS: Federation Services
      • AD LDS: Lightweight Directory Services
    • Attacking AD environments
    • Kerberos Authentication Protocol
    • NTML Authentication
    • LDAP Bind Authentication
    • TLS and Ciphers Suites
    • OAuth2 and OIDC
      • Authorization Code Flow
    • HTTP Security Checklist
  • In progress ...
    • SAML
    • PKI and X.509v3 Certificates
    • SAML 2.0
    • IETF RFC geekery
    • HTTP compression and BREACH-attacks
    • iOS Encryption & Data Protection
  • Archive
    • Brotli for NGINX
    • Don't touch PHP again
  • Portfolio
  • Github
  • Linkedin
  • Medium
Powered by GitBook
On this page
  1. In progress ...

iOS Encryption & Data Protection

PreviousHTTP compression and BREACH-attacksNextBrotli for NGINX

Last updated 1 year ago

  • Secure Enclave

  • Encrypted Data Storage

  • Keychain

    • Access Control

    • Data Protection Classes

  • Keybags

  • Securityd

  • Passcode

    • Used for entropy

    • Hardware-based Rate-limit enforced by the Secure Enclave

    • Tangling algorithm PBKDF2. UID is pseudorandom function (PRF)

https://support.apple.com/guide/security/how-data-files-are-created-and-protected-sece8608431d/web
https://support.apple.com/guide/security/aside/sec8e00e0dd8/1/web/1
https://support.apple.com/guide/security/passcodes-sec20230a10d/web