iPhone 3GS Offers Enterprise-Class Security for Everyone
[Update: Soon after this article came out, a technique for circumventing any iPhone encryption, including the hardware encryption of the iPhone 3GS, was published. You can read more about it over at Wired. This technique requires only moderate skills and we’ve confirmed its plausibility with our own limited testing. Rich is writing a followup article with more details, which we will link at the top of this article once it’s available. We hope Apple will address this issue as soon as possible, but until they do, iPhone encryption should not be considered secure.]
The original iPhone was widely criticized by security professionals for lacking essential security features for the enterprise, the large corporate networks that have special needs because of huge numbers of users and the massive back-end operations to support those users.
The original iPhone was hard to lock down, had only limited secure connectivity options, and lacked both data protection and some way to destroy data remotely if you lost the phone. Those capabilities have continued to improve with every iPhone software release and, combined with the hardware improvements in the iPhone 3GS, even regular users can now enjoy security equivalent to that provided by most corporate environments.
The iPhone 3GS Hardware Advantage — While most of the software features I describe below work on any iPhone running the iPhone OS 3.0, the 3GS model has one significant advantage that enables all of its owners to experience enterprise-class security. The iPhone 3GS includes a hardware encryption chip that uses the industry-standard AES-256 algorithm (that’s the Advanced Encryption Standard, with a key length of 256 bits).
Hardware encryption enables a device – a phone, a hard drive, or what have you – to be nearly instantly wiped by erasing the encryption key stored on the device. With a well-designed system, securely removing that key means all data is entirely unrecoverable, even by a government… maybe.
According to Apple, all data on the iPhone 3GS is encrypted by default. Other than Research in Motion’s BlackBerry models, very few smartphones on the market encrypt all data. Considering how much personal data we tend to keep on these advanced devices, this is an incredibly important feature. Assuming you follow my other recommendations, it’s highly unlikely even a knowledgeable attacker could break into a lost phone and retrieve your data.
This doesn’t protect you from all attacks. As with any other encrypted computer, if the bad guy hacks the device while you are logged in, he can still access your unencrypted data. But lost phones are the most common risk we face, and default encryption (with passcode locks, which we’ll get to) essentially eliminates your exposure.
Setting Passcode Locks — One of the most basic security options on any phone is setting a passcode to lock the screen. This prevents prying eyes from gaining easy access to your email messages, phone numbers, or text messages, and it’s an option on pretty much every phone on the market. To set this on your iPhone, tap Settings -> General -> Passcode Lock and enter a passcode. (Don’t forget it, or you’ll have to restore your phone to get back in!) This feature predates iPhone OS 3.0, and works on any model.
On the Passcode Lock settings page you also have some additional options. On any iPhone, you can choose the amount of time your phone sits idle before it requires the passcode again. I set mine for 15 minutes, which is a good balance between security and usability for those times I slip it in and out of my pocket.
On the iPhone 3GS, you can also choose to allow or disable voice control when the screen is locked. I leave this on so I don’t have to enter my passcode when using voice dialing while driving, but if you are worried about someone making calls to the Antarctic when you leave your phone unattended (or listening to any potentially embarrassing iTunes song selections), you should disable it.
Erasing Your Data — One additional feature sets the passcode lock on the iPhone apart from many other phones on the market. If you select the option to “Erase Data,” the iPhone allows just 10 failed attempts at entry. After that, the operating system starts the wiping process, deleting everything on your phone. (Don’t worry: if you do this by mistake you can restore from your last backup.) I’ve seen this feature in enterprise devices like the BlackBerry, but it’s rare in a consumer phone.
On original iPhones and the iPhone 3G, wiping can take some time, as the software deletes, then overwrites, your data: Dan Frakes at Macworld got Apple to quantify that it takes 1 hour per 8 GB of data.
On the iPhone 3GS, it’s faster and easier, as noted earlier. The iPhone 3GS just has to delete the encryption key that protects the data. This is known as “crypto-shredding,” and is a common practice in the security world.
Remote Wipe — With the release of the iPhone OS 2.0, corporate users gained the capability to wipe lost devices remotely using Microsoft Exchange integration. This is an important feature, since forensic investigators can often recover data off devices by connecting them to computers and performing direct analysis, rather than having to beat the passcode lock. (The 3GS is still protected, thanks to its hardware encryption.) Remote wipe sends a signal to the phone to delete all its data, assuming the phone is turned on and connected to a network to receive the signal.
As has been widely reported, iPhone OS 3.0 users with MobileMe accounts now gain the same capability, without needing a corporate server. By logging into the Find My iPhone area of MobileMe (in the Accounts screen), you can wipe your phone by selecting Remote Wipe. This is the first time we’ve ever seen this option in a consumer phone and service, although it does require a paid MobileMe subscription, which retails at $99 per year for a single user, or $149 for a family pack of 5 unique accounts. It also requires that you enable Find My iPhone on the phone itself; it’s not turned on by default when you enter or sync your MobileMe information.
Remote Wipe on the iPhone 3GS works just like a passcode wipe; the encryption key is deleted, making it a fast and effective process.
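To make the mechanism behind both the “Erase Data” passcode wipe and Remote Wipe concrete, here is an added example that is not from the article or from Apple: a toy model of a device whose storage is protected by a random per-device key, where ten failed passcode attempts or a remote wipe destroy only that key. The cipher is a stand-in (an HMAC-SHA256 keystream with an HMAC tag) for the 3GS’s AES hardware, and the passcode store, class and method names are this example’s own assumptions.

```python
import hashlib
import hmac
import os
import secrets

# Constructed model of what the article describes: a per-device key protects
# stored data, and both "Erase Data" (10 failed passcode attempts) and Remote
# Wipe destroy the key rather than overwriting the data. The cipher below is a
# stand-in for AES: an HMAC-SHA256 keystream plus an HMAC tag.

MAX_FAILED_ATTEMPTS = 10  # the limit the article gives for "Erase Data"


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and authentication keys from the device key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: HMAC(enc_key, nonce || counter) for each block."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; a wrong key is rejected instead of yielding garbage."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or corrupted data")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


class Device:
    """Toy phone: random device key, passcode gate, erase-on-failure, remote wipe."""

    def __init__(self, passcode: str):
        self._key = secrets.token_bytes(32)  # the key that crypto-shredding destroys
        self._passcode_hash = hashlib.sha256(passcode.encode()).digest()  # toy passcode store
        self.failed_attempts = 0
        self.storage = b""  # ciphertext; it stays on "flash" after a wipe

    def store(self, data: bytes) -> None:
        if self._key is None:
            raise RuntimeError("device has been wiped")
        self.storage = encrypt(self._key, data)

    def unlock(self, attempt: str) -> bool:
        """Passcode check with the Erase Data behaviour: wipe after 10 failures."""
        if self._key is None:
            return False
        if hmac.compare_digest(hashlib.sha256(attempt.encode()).digest(), self._passcode_hash):
            self.failed_attempts = 0
            return True
        self.failed_attempts += 1
        if self.failed_attempts >= MAX_FAILED_ATTEMPTS:
            self.wipe()
        return False

    def wipe(self) -> None:
        """Crypto-shredding: forget the key and leave the ciphertext in place."""
        self._key = None

    remote_wipe = wipe  # Remote Wipe does the same thing, triggered over the network

    def is_wiped(self) -> bool:
        return self._key is None

    def read(self) -> bytes:
        if self._key is None:
            raise RuntimeError("device has been wiped: key destroyed, data unrecoverable")
        return decrypt(self._key, self.storage)


if __name__ == "__main__":
    phone = Device("1234")
    phone.store(b"contacts and mail (constructed sample data)")
    print(phone.read())
    for _ in range(MAX_FAILED_ATTEMPTS):
        phone.unlock("0000")
    print("wiped:", phone.is_wiped(), "ciphertext bytes still stored:", len(phone.storage))
```

The point the model makes is the one in the text: after the wipe the ciphertext is untouched and can be copied off the device, but without the key it fails authentication and cannot be decrypted, which is why erasing a 32-byte key is as good as overwriting gigabytes. It also shows the caveat raised in the comments below: this only holds if the key is random and stored where it can be erased, not merely derived from a short passcode.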
An Unexpected Benefit — One major thorn in the side of enterprise security teams is portable storage. Now that small storage cards, like the SD cards powering our digital cameras, can hold many gigabytes of data, they have become a common transport mechanism for the loss of sensitive information.
Many smartphones support external storage, which is rarely encrypted or otherwise protected. Enterprise security tends to require expensive software to restrict use of portable storage on remote devices and protect corporate data.
Since iPhones don’t support additional storage, the lack of a card slot is actually a benefit for the enterprise. Personally, I was more than satisfied with the 16 GB on my iPhone 3G, and haven’t come close to pushing the storage limits of my 32 GB iPhone 3GS.
Additional Security Benefits… and Risks — The inclusion of encryption hardware on the iPhone 3GS, combined with a good selection of security options, is an advantage for both enterprises and consumers. iPhones are now easy to secure in case of physical loss, but this isn’t the end of the security road.
There are two other major features that aren’t security-specific per se, but convey significant security benefits. The iPhone is probably the single most updated phone on the market. I don’t mean our annual sojourns to the Apple store for the latest hardware, but the ongoing software updates to add features and plug security holes. Phones are small computers now, and subject to the same problems with software vulnerabilities as your Mac or PC.
While the iPhone has suffered more than its fair share of vulnerabilities (46 patched in the last update), unlike with most consumer phones, users are far more likely to update their iPhones in a timely fashion, closing the holes. In the past, for many phones you had to take your device into a retail store and make a special request to get any kind of update. With the iPhone, assuming you plug it into a Mac or PC on occasion, it’s hard to avoid getting these security updates.
The second feature is the automatic backup built into iTunes. Assuming you connect your iPhone to a computer, iTunes backs up all the data on your phone, including most of your settings and all of your applications. Aside from protecting you if you trash your phone, it also means that you don’t need to worry about losing your data if you make a mistake in setting any of the security features.
I can remotely wipe my iPhone to my heart’s content without suffering any real loss, other than a little time to restore the backup and clean up a few settings. iTunes can also encrypt your iPhone backups (for any model running iPhone OS 3.0), which is useful for enterprises.
Secure As Can Reasonably Be — I’ve focused on the most important security features for a phone, but the iPhone is also a small computer, with a variety of additional security options. You can use a VPN connection to encrypt your network communications, encrypt your email connections (without needing a VPN), and install additional security tools such as the iPhone version of the popular 1Password password management tool.
This isn’t to say the iPhone is perfect. The reliance on iTunes is a serious liability in enterprises that frequently don’t want such consumer software cluttering work computers. Also, as mentioned, the iPhone has experienced many software vulnerabilities, some of which could allow an attacker to take control of your phone by having you visit a malicious Web page. One security researcher recently discovered a way to hack iPhones remotely with little more than SMS text messages.
The iPhone 3.0 software includes a number of security features that place it on par with most other smartphones on the market. But with the additional encryption hardware on the iPhone 3GS, and a MobileMe subscription, consumers can now experience enterprise-class security.
Hi Rich, great article thanks. Encryption was one reason I've bought the 3GS so it's reassuring to have the security confirmed. I'm wondering what 'encrypted by default' means though--why doesn't Apple just say 'encrypted'? Can it be turned off or data stored unencrypted, for instance by 3rd-party apps?
Apple does say that- "default" was my addition. To my knowledge, it can't be turned off, but it isn't well documented so I can't be completely sure.
Aloha Rich! Great article. You forgot to mention the Apple iPhone Configuration Utility for both Mac OS X and Windows.
About iPhone Configuration Utility 2.0 for Mac OS X
iPhone Configuration Utility lets you easily create, maintain, encrypt, and push configuration profiles, track and install provisioning profiles and authorized applications, and capture device information including console logs.
Configuration profiles are XML files that contain device security policies, VPN configuration information, Wi-Fi settings, APN settings, Exchange account settings, mail settings, and certificates that permit iPhone and iPod touch to work with your enterprise systems. For instructions on how to use iPhone Configuration Utility, see the iPhone and iPod touch Enterprise Deployment Guide, available for downloading at:
Enterprise Deployment Guide - http://www.apple.com/support/iphone/enterprise/
Thanks Carl- I did end up leaving that off to keep the article shorter, but it's a great tool.
Because I cannot control my iPhone, let alone inspect what is going on, I don't think I'll trust its hardware AES. I would rather trust a well vetted software implementation which I could inspect.
I have tried to write a nice post saying why your argument is absurd... insulting you personally is not my intent so please do not take it that way. However, you would be better off to give valid reasons why you believe that Apple would not implement AES properly and how a software implementation could be better. Unfortunately you come across as "one of those guys", paranoid and overreacting.
I don't believe that security by obscurity is valid, however the majority of people, myself included, will never inspect any of the software that we daily use.
You have no choice but to use hardware AES if you have the 3GS. Also, you have few (if any alternatives) to protecting information such as contacts except through the hardware AES.
If a government is out to get you, or corporate spies, there are other ways than your phone, rather than relying on Apple having botched the hardware AES. Unless you have years of crypto experience, you're not going to find any flaws. Just ask Mr. Schneier re: SHA-3.
Hardware encryption is more secure than software, with much higher performance. It's built into many devices you use already, such as wireless.
Unless you are a cryptographic engineer, this isn't something I recommend people worry about.
Why would you say hardware encryption is more secure? If both hardware and software are performing AES256 there should be no difference, unless the iPhone 3GS has a real Trusted Computing Module to hold the keys as opposed to just an AES hardware accelerator...
Does the iPhone do encryption offload to the hardware chip for VPN traffic?
The iPhone requires a 4 character password. If that is used to protect the encryption key, then it can be retrieved easily.
Except if they store the key in the hardware encryption chip and not on the device (flash) itself.
The question is: is that the case?
Error: this is not a reply to the vpn question.
Excellent question. I did try and get more information on this and haven't found an answer yet.
BlackBerry solves this by cryptoshredding the device after a certain number of failed connection attempts. I will try and run this down more with Apple.
I hope you can get details. The security of the device is as strong as its weakest link.
I assume they use some TPM module in such a way that the encryption key is inside the TPM chip. If not, the whole AES encryption stuff is worthless.
It is all about the strength of the authentication method.
See also the remark:
question 2009-07-21 12:29
By default the iPhone uses a 4-digit passcode. But you can specify a strong passcode using the iPhone Configuration Utility. Not that this has anything to do with encryption; hardware encryption occurs at a much lower level than that.
On other smartphones you can turn encryption on or off. With iPhone 3GS, you can't. It's always on. Hence there not being any UI surrounding it; it just works.
Not to my knowledge. Only *part* of a VPN uses AES, and even then only "maybe".
I would expect that if it 'just works' and you've negotiated AES-* for the cipher that it would offload to the chip? Presumably it would work like any crypto offload and it's happening at the crypto library level and is relatively transparent. But it might not be if the VPN stack uses its own library for some unknown reason?
There's no absolute need for iTunes other than perhaps initial account setup, which has to be done by someone anyway. The fact you'd use iTunes for that is no more onerous than any other method. The only other need for iTunes is OS updates, and in the enterprise, you'd not want users doing this themselves anyway.
Once that's done, you can provision the phone rather nicely sans any contact with iTunes. So the requirement for iTunes is actually quite small.
John, I was thinking for the software updates. Is there another method for that except third party tools?
I can't believe you've not mentioned Apple's iPhone Configuration Utility http://www.apple.com/support/iphone/enterprise/
It lets you set more complex passcodes - alphanumeric, more characters, and passcode policies.
It also lets you install SSL certificates, so you can use self-signed server certificates (good for intranet use)
And, you can create configuration profiles for restrictions (eg, can't use a camera), VPN, email (to make sure the right servers are used), and so on.
You can make your iPhone much more secure with these tools.
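As an added illustration of the passcode policies mentioned in this comment and in the earlier reply about specifying a strong passcode with the iPhone Configuration Utility, here is example code that is not from the article, the commenters or Apple. It builds a configuration profile carrying a passcode policy payload as an XML plist and checks candidate passcodes against that policy. The payload type and policy keys are the ones documented in Apple’s Configuration Profile Reference; the identifiers, display names and policy values are constructed for the example, and the “simple passcode” test is this example’s own reading of what `allowSimple` forbids (repeated or sequential characters).

```python
import plistlib
import uuid

# Payload type and policy keys are from Apple's Configuration Profile Reference.
# Identifiers, display names and the chosen values are constructed for this example.
PASSCODE_PAYLOAD_TYPE = "com.apple.mobiledevice.passwordpolicy"


def passcode_policy_profile(min_length=6, max_failed=10, require_alnum=True,
                            allow_simple=False, max_inactivity=15):
    """Build an unsigned configuration profile with one passcode policy payload."""
    policy = {
        "PayloadType": PASSCODE_PAYLOAD_TYPE,
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.passcode",  # constructed identifier
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Passcode policy",
        "forcePIN": True,                      # require a passcode at all
        "allowSimple": allow_simple,           # False: no 1111 / 1234 style codes
        "requireAlphanumeric": require_alnum,  # letters and digits, not just a PIN
        "minLength": min_length,
        "maxFailedAttempts": max_failed,       # wipe after this many failures
        "maxInactivity": max_inactivity,       # minutes before the lock engages
    }
    return {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.security-profile",  # constructed identifier
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Example security profile",
        "PayloadContent": [policy],
    }


def profile_xml(profile: dict) -> bytes:
    """Serialize the profile as the XML plist the Configuration Utility handles."""
    return plistlib.dumps(profile, fmt=plistlib.FMT_XML)


def passcode_payload(profile_bytes: bytes) -> dict:
    """Parse a profile and return its passcode policy payload."""
    profile = plistlib.loads(profile_bytes)
    for payload in profile["PayloadContent"]:
        if payload.get("PayloadType") == PASSCODE_PAYLOAD_TYPE:
            return payload
    raise ValueError("no passcode policy payload in profile")


def is_simple(passcode: str) -> bool:
    """Example's reading of 'simple': all-same, or strictly ascending/descending."""
    if len(set(passcode)) == 1:
        return True
    steps = {ord(b) - ord(a) for a, b in zip(passcode, passcode[1:])}
    return steps in ({1}, {-1})


def passcode_meets_policy(passcode: str, policy: dict) -> bool:
    """Evaluate a candidate passcode against the payload's policy keys."""
    if len(passcode) < policy.get("minLength", 0):
        return False
    if policy.get("requireAlphanumeric"):
        has_alpha = any(c.isalpha() for c in passcode)
        has_digit = any(c.isdigit() for c in passcode)
        if not (has_alpha and has_digit):
            return False
    if not policy.get("allowSimple", True) and is_simple(passcode):
        return False
    return True


if __name__ == "__main__":
    xml = profile_xml(passcode_policy_profile())
    print(xml.decode())
    policy = passcode_payload(xml)
    for candidate in ("1234", "123456", "abcdef", "Rx7kq2"):
        print(candidate, passcode_meets_policy(candidate, policy))
```

In a real deployment the profile would be signed (and optionally encrypted) and installed through the Configuration Utility or by e-mail or a web link, and the device, not this script, enforces the policy; the checker here only shows what each key changes about which passcodes are accepted.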
Ian- I didn't realize you could add the stricter passcode requirements. That's my fault and I should have had it in the article.
Hi Rich, great article showing why the iPhone 3GS is now enterprise class. While consumers can enjoy enterprise-class security, IT is still looking for a simple to use tool set to manage them. Management of iPhones seems to be falling onto the shoulders of the BES admin, and as a result they want a unified console, distinct from Exchange since some businesses use Lotus Notes or Gmail, to manage both ActiveSync and Config Profile policies and also ensure user compliance. If that's of interest, people should check out Trust Digital's EMM platform- http://www.trustdigital.com/iphoneOS3.php. Sorry, that's a shameless plug on my part.
One caveat: MobileMe connections are mostly unencrypted and it's therefore not advisable to use MobileMe if you care about security.
Does anyone know how they implemented the encryption? What hardware chip do they use? How is the filesystem encrypted? Where are keys stored? Do they use a TPM? As long as Apple doesn't give any details, it's just as insecure as the 3G. Security without details is no security, it's just a joke to convince some sales guy. Just take a look at Apple's security track record (the way they patch vulnerabilities, FileVault history, etc). If you want a secure phone, you need an open implementation or at least open specs. Maybe the way Apple advertises the 3GS hardware encryption is to distract the customer from the poor implementation. As long as there are no in-depth details, it's just a bad joke.
This is my major gripe about this subject. At first, terms like AES with 256 bit keys sounds great.
However, there are many questions about its implementation, as you outline.
If they do not use TPM, thus store the key on the device itself, the whole solution is worthless. Of course, if the key is 'protected' by the default 4 digit pin, the solution is equally worthless.
There are no details, but the security researchers I know who have looked at it (so far) tell me it's effective.
How is it effective? People need to start questioning what is told to them by Apple.
July 14, 2009: State of iPhone Forensics in a Nutshell
In a nutshell, all three iPhone models (iPhone, iPhone 3G, and iPhone 3G[s]) running any firmware version up to and including the latest version 3.0, are fully accessible by forensically safe methods to recover full raw disk and live file system from all devices, whether passcode protected or not, whether an encrypted backup password is set or not. The process is performed across USB in as little as 15-30 minutes with a Mac. Law enforcement agencies may request access to the online file repository containing research and tools for performing forensic recovery and examination of a device. No exceptions will be made.
In light of recent news http://it.slashdot.org/story/09/07/24/2218201/iPhone-3Gs-Encryption-Cracked-In-Two-Minutes I just wanted to remind every fanboy here that they were wrong.
Rich is working on testing elements in the article, and will update this piece, as well as likely writing something new. If it all checks out, it's very disappointing, and shows some flaws in Apple's stress testing.
I'm in the process of verifying this. If it's true, which it seems to be, we will update the article and try and get a formal response.
This isn't a fanboy issue... and I'll be as disappointed as anyone if it's that easy to circumvent.
I've added an update at the top of the article pointing to coverage of the vulnerability. Thanks for the links and comments everyone.
Great article. Looking for some advice. We recently mandated use of BlackBerry's for our enterprise for many reasons but a very important one was the BES solution for enterprise management. Works very well. Very solid. We (as most organizations) are getting pressure to support the iPhone... This was a great article on the security features of the iPhone but I am still unclear on how you manage an enterprise fleet of these devices. Is there a BES equivalent available? From Apple or 3rd party? Also, is there an iPhone enterprise implementation guide or best practices document for implementing iPhones in the Enterprise?
Right now there isn't something as good as BES, although I know some third party management tools are starting to add iPhone coverage (all to a different degree, and I apologize for not knowing all the vendors off hand). Apple does have an enterprise guide you can find at http://manuals.info.apple.com/en_US/Enterprise_Deployment_Guide.pdf
You also have some management via Exchange, although that's limited.
We are also planning on writing more on the enterprise management of iPhones and Macs, but that's taking us a bit of time.