Intercepting iCloud Keychain

Explore a critical cryptographic implementation flaw discovered in iCloud Keychain's end-to-end encryption system during this 25-minute Black Hat conference talk. Delve into the potential for sophisticated attackers with privileged access to iCloud communications to man-in-the-middle iCloud Keychain Sync and gain plaintext access to secrets. Examine the components of iCloud Keychain, the Circle Protocol, and the process of secret syncing and recovery in the cloud. Investigate the uncovered vulnerabilities, including CVE-2017-2448, and their impact on Apple's security goals. Learn about the OTR flaws, signature bypass attack, and stack overlap attack. Conclude with a discussion on the implications for the security industry and potential next steps.

Intro
Secret Syncing & Recovery in the Cloud
Designed to be Highly Secure
Critical Flaws Now Fixed
Prior Work & Presentations Covering iCloud Keychain
iCloud Keychain Components
Circle Protocol Illustrated
What happens when devices are lost while traveling?
iCloud Keychain Passwords Overview
How Does A New Device Join Without Approval?
Uncovering a hidden peer
Which Backups Contain the Cloud Identity Key?
iCloud Keychain Sync Transmits Data Across Apple Services
OTR KEX Messages
Pairwise, Fanout Negotiation
OTR Flaws
CVE-2017-2448 - SecVerify Signature And Mac
CVE-2017-2448 - Goto Fail Redux
CVE-2017-2448 - Sample Trigger in 32 Bytes
Signature Bypass Attack Impact
Apple's iCloud Keychain Security Goals (without OTR fix)
Stack Overlap Attack Impact
Wrapping up
Next Steps for the Security Industry
Questions?