The iCloud keychain and iOS 7 data protection

Protect your data with the world’s leading information security standard, ISO 27001 – Classroom courses now in New York. Book Now>>

When Apple announced iOS 7, iCloud Keychain was one of its key features. It is no doubt great for usability, but what about security? What kind of access does Apple have to the passwords stored in the iCloud?

The talk by Andrey Belenko from PasswordsCon Bergen 2013 focuses on protection of user data. It reviews iOS Data Protection and changes that iOS 7 brought to it. The author explores in great detail the inner workings of the new iCloud service — ‘escrowproxy’ — which is the essence of the iCloud Keychain. Other iCloud services, such as iCloud Backup, receive some attention, too.

The main giveaway of the talk is the in-depth analysis of the new iCloud Keychain feature. You learn how, when, and where things are encrypted, and what it takes to decrypt them.