Strongbox often needs to store sensitive/confidential user secrets to offer useful features like convenience unlock, SFTP or WebDAV connections.
What are these secrets, confidential or secure items?
- Master Passwords (required if you use Face ID, Touch ID, PIN Code or Apple Watch Unlock)
- SFTP Credentials (Login Passwords or Keys)
- WebDAV Credentials (Login Passwords)
Strongbox uses the current Rolls Royce standard for this on iOS and Mac. Most modern devices now support Secure Enclave technology which is used along with the well known, secure and long trusted iOS/Mac Keychain to store various these various secure items.
You can find some more details below but the summary is, the protection is excellent and as good as technically possible. As always the trade off is between convenience and security, and you can increase your security by not using convenience unlock at all. The merits of this strategy are outside the scope of this article.
Secure Enclave (Elliptic Curve Key Pairs with ECIES and AES)
The Secure Enclave is a dedicated hardware co-processor designed explicitly for cryptography & key storage, and designed to be resistant to attacks. It is not available on all devices, but most iOS devices since the iPhone 5s and most modern Macs have a Secure Enclave. When the Secure Enclave is unavailable, Strongbox falls back on the older but still very secure Keychain for secure storage. This fallback mechanism will not be discussed further here.
Strongbox uses the Secure Enclave to create a public/private key pair (elliptic curve keys) for each secure item it wants to store. Strongbox never knows exactly what these keys are, it can just obtain a reference to a particular pair once created. It can then use this reference to ask the Secure Enclave to perform encryption & decryption operations on its behalf.
The particular encryption algorithm used is AES, which is a standard and well known symmetric cipher. The key used for this symmetric encryption is derived by using the assymetric (public/private key pair mentioned above) using the ECIES (Elliptic Curve Integrated Encryption Scheme) standard. More specifically Strongbox uses the kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM algorithm to generate this key.
This symmetric key is used with AES to encrypt any of the secure items Strongbox wants to store. Once the item has been encrypted, the result is stored in the Keychain, or optionally only in memory depending on the item and whether it has been specified that it should only be stored in memory (in this case, the secure item will not be available after the Strongbox process exits). To decrypt, Strongbox takes the encrypted data, the public/private key pair references, and applies the same ECIES scheme to derive the same symmetric key and decrypt.
What about Backups, Keychain Access & iCloud Keychain (i.e. Accessibility)
Strongbox explicitly does not allow any of the keys or encrypted data to leave the device it is on. Strongbox uses the kSecAttrAccessibleWhenUnlockedThisDeviceOnly constant to ensure this.
They Keychain entries or anything in the Secure Enclave never enter a backup (Time Machine, iCloud or otherwise) and never go to the cloud. Further, the keys are only capable of being used by the Strongbox on that particular device once it is unlocked. They are simply not accessible outside of this context.
Expiry & Memory Only Storage
Strongbox stores each secure entry with expiry metadata. This means it is possible to limit how long Strongbox will be able to access a secure item. This is useful for items like the master password which is stored for convenience unlock. A side benefit of this is that it is also useful to require master password re-entry regularly.
Additionally, Strongbox can be requested to only store the encrypted secure item in application memory only and not in durable storage (i.e. the Keychain). This could be considered somewhat paranoid but it is also useful for those who want Strongbox to forget master passwords when it it is restarted or those who worry about Keychain attacks, which in the worst case would only expose encrypted data.
Summary
Strongbox offers on device secure storage for sensitive data. The encryption is as good as is currently technically possible on iOS and Mac devices, extremely secure, and state of the art.
Further Reading
- https://darthnull.org/security/2018/05/31/secure-enclave-ecies/
- https://medium.com/@alx.gridnev/ios-keychain-using-secure-enclave-stored-keys-8f7c81227f4
- https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_keychain
- https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/using_keys_for_encryption