iOS Encryption and Data Protection
Ask iLounge offers readers the opportunity to get answers to their iPod-, iPhone-, iPad-, iTunes-, or Apple TV-related questions from a member of the iLounge editorial team. We'll answer several questions here each week, and of course, you can always get help with more immediate concerns from the iLounge Discussion Forums. Submit your questions for consideration using our Ask iLounge Submit Form. We reserve the right to edit questions for grammar, spelling, and length.
Q: I’m a bit confused about encryption on the iPad, as I’ve read a few conflicting reports about whether the iPad is actually encrypted at a hardware level or not. I’m looking to deploy a number of iPads in my company that would need to be used to store confidential data, but I can’t seem to find a straight answer to whether I need to find or buy an additional encryption app or whether simply protecting the iPad with a passcode is enough.
A: Technically speaking, the iPad and other current iOS devices provide full hardware encryption of all data stored on the device. However, taken at face value this is actually dangerously misleading in terms of the actual security of information stored on the device, since even the strongest cryptographic algorithms in the world are only as secure as the keys that are being used to manage them.
The problem is that the intent of the default hardware encryption is not to actually secure your data, but instead to simply facilitate a fast secure erase of the device in the event that it needs to be re-provisioned for another user or has been lost/stolen and needs to be remotely erased. The standard hardware encryption essentially uses a device-based encryption key that has no connection to your password or passcode whatsoever—it’s a device-specific key. Data is encrypted in the flash memory in such a way that somebody who removed the flash chips would not be able to read them, which does provide some theoretical security, but this is meaningless in reality unless you’re dealing with a device that is otherwise damaged beyond access through normal means, since a simple jailbreak to bypass the passcode on a functional device will provide open access to everything on the device—it is decrypted transparently as soon as the OS requests access to it.
The real purpose behind the built-in hardware encryption is to allow a device to be securely erased in seconds, rather than hours. Prior to iOS 3.0 and the iPhone 3GS, doing an “Erase all content and settings” operation on an iPhone or iPod touch could take an hour or more, depending on the amount of storage involved. This was because the device actually needed to go through and securely overwrite every bit of flash memory. The hardware encryption introduced with the iPhone 3GS, and found in all subsequent models, allowed a device to be wiped simply by invaliding the encryption key and generating a new one. In this case, all of the data technically remained exactly where it was in flash memory but became inaccessible as the key itself was wiped. This became crucially important particularly with the Remote Wipe features introduced in iOS 3.0, since the alternative was for a remote wipe to take hours, during which time data remained theoretically recoverable.
There is some slightly good news, however, in terms of actual data security. With iOS 4.0, Apple added a new feature known as Data Protection, which does in fact provide secure encryption of data on the device. This is handled by encrypting the selected data using a key derived from your device passcode, meaning that without knowing your passcode, the data truly is inaccessible to all but serious cryptographic attacks. Even if somebody were to jailbreak your device and bypass your passcode, information protected by the Data Protection API would remain encrypted and therefore inaccessible, since your passcode—the important piece of the decryption key, is not known.
Data Protection is enabled automatically simply by setting a passcode on the device. The catch, however, is that the Data Protection feature only secures data in applications that have been specifically designed to use the Data Protection APIs. In terms of built-in applications, that’s only the Mail app, and third-party apps that actually make use of the Data Protection features are surprisingly rare; GoodReader and Box.net come to mind as good examples, but many other file storage apps such as Dropbox do not provide this support, meaning that your cached data is no more secure than your physical possession of the device. This means that if you’re concerned about storing confidential data with secure encryption you will need to look to exclusively using third-party apps that support the Data Protection APIs.
It’s also important to keep in mind that any apps that use iCloud storage cannot use Data Protection, as the two are mutually exclusive due to the requirement for background synchronization of iCloud data when the device is locked. Even GoodReader, for example, notes that documents you choose to store in the “iCloud” section of the app will not be protected by the Data Protection encryption.
Of course even Data Protection is only as secure as the passcode on the device. Using the Apple Configurator you can configure requirements for more complex passcode policies on devices to help improve security in this regard, as well as enabling an automatic erase of the device after a specified number of failed attempts.
- Will removing a credit card from Safari also remove it from Apple Pay?
- Can I mute Handoff calls coming into my Mac from my iPhone?
- How do I keep my iPhone calls from ringing on my Mac?
- Why doesn’t Traffic show up on my Today Notifications Screen?
- Why doesn’t my iPhone reconnect to Wi-Fi after I turn it on?
- Why can’t I see the iPad-style landscape view on my iPhone 6 Plus?
- Apple’s new ‘Echo rival’ may feature a camera
- Apple ‘working rapidly’ to extend Apple Pay to more countries
- Report: Apple’s Siri-based Amazon Echo competitor will be a new Apple TV
- Report: Apple SVP Eddy Cue proposed bid to buy Time Warner
- Beta testing for Pokémon GO begins in the U.S.
- Apple’s plan to open stores in India hits a snag (Update: India’s finance minister ratifies ruling)
- Apple looking into charging stations for electric cars
- Apple hires hint at improvements in encryption, health monitoring
- Hyundai adds CarPlay support to more vehicles
- Plaintiffs file new motion to keep ‘Error 53’ Touch ID lawsuit alive
- OtterBox Symmetry Series Hybrid Case for 12.9” iPad Pro
- Logitech Logi BASE Charging Stand for iPad Pro
- Twelve South TimePorter for Apple Watch
- August Doorbell Cam
- August Smart Lock HomeKit enabled + Smart Keypad
- ecobee3 HomeKit-enabled smart Wi-Fi thermostat
- Zagg Now Cam
- Yantouch EyE Portable Wireless Speaker
- Netatmo Wind Gauge
- Incipio Stashback for iPhone 6/6s
- Filling the Gap: A look at third-party HomeKit apps
- Instant Expert: Secrets & Features of tvOS 9.2
- Instant Expert: Secrets & Features of iOS 9.3
- Opinion: Why Apple needs a dedicated HomeKit app
- Inside the betas: What’s new in iOS 9.3 and tvOS 9.2 (Updated)
- Life with HomeKit: Our experiences with Apple’s home automation system
- Under the Radar: 10 ‘hidden’ details about the new Apple TV
- Instant Expert: Secrets & Features of iOS 9.0
- Under the Radar: A closer look at smaller iPhone 6s and iPhone 6s Plus changes
- A First Look at iOS 9’s Transit in Apple Maps (Updated for watchOS 2)