How Does Apple’s Secure Enclave Protect My iPhone or Mac?

by Carl Smith Software Developer


iPhones and Macs with Touch ID or Face ID use a separate processor to manage your biometric information. In technical terms, it's known as the Secure Enclave. It's essentially a computer in itself, and it provides many security features.

The Secure Enclave boots separately from the rest of your device. It runs its own microkernel, which is not directly accessible by your operating system or any of the programs running on your device.

There is 4MB of storage space, which is used for storing 256-bit elliptic curve private keys. These keys are unique to your device and are never synced to the cloud or even directly seen by your device's primary operating system. Instead, the system asks the Secure Enclave to decrypt information using the keys.

  • Reason Behind The Presence Of Secure Enclave
  1. The Secure Enclave makes it harder for hackers to steal sensitive information without gaining physical access to the device. Because your main operating system never sees the decryption keys, it's extremely difficult to decrypt the data without proper authorization.
  2. Always remember that your biometric information itself is not stored on the Secure Enclave; 4 MB isn't sufficient storage space for all that data. Instead, the Enclave stores encryption keys which are used to lock down that biometric data.
  3. It's worth noting that third-party programs can also create and store keys in the enclave to lock up data, but the apps never have access to the keys themselves. Instead, apps ask the Secure Enclave to encrypt and decrypt the data. This means that any information encrypted using the Enclave is very difficult to decrypt on any other device.
  4. You should also know that the Secure Enclave does not import keys from other devices, because it's designed to create and use keys locally. This makes it very difficult to decrypt information on any device other than the one on which it was made.
  • Wasn't The Secure Enclave Hacked Earlier?
  1. The Secure Enclave is a complex setup, and it makes life tough for hackers.
  2. Nothing has perfect security. Hence, it is reasonable to expect that someone will compromise all of this eventually.
  3. In 2017, some curious hackers announced that they had been able to decrypt the firmware of the Secure Enclave, potentially giving them insight into how precisely the enclave works.
  4. Apple would surely prefer that this leak hadn't happened, but note that hackers have not actually found a way to retrieve the encryption keys stored on the enclave. They have only decrypted the firmware itself.
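
The third-party key handling described above, as an added example that is not part of the original post: an app uses Apple's Security framework to generate a 256-bit elliptic curve key inside the Secure Enclave, tries to export it, and then asks the enclave to decrypt. It assumes a device with a Secure Enclave; the function name `enclaveRoundTrip` and the sample message are constructed for illustration.

```swift
import Foundation
import Security

// ECIES: ECDH against the enclave-held P-256 key, then AES-GCM on the derived key.
let algorithm: SecKeyAlgorithm = .eciesEncryptionCofactorVariableIVX963SHA256AESGCM

func enclaveRoundTrip(_ plaintext: Data) throws -> Data {
    var err: Unmanaged<CFError>?
    // Private-key use is allowed only while unlocked, and only on this device.
    guard let access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        .privateKeyUsage, &err)
    else { throw err!.takeRetainedValue() as Error }

    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeySizeInBits as String: 256,
        kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
        kSecPrivateKeyAttrs as String: [
            kSecAttrIsPermanent as String: false,  // demo key, not saved to the keychain
            kSecAttrAccessControl as String: access,
        ] as [String: Any],
    ]
    // The key pair is generated inside the enclave; the app holds only a reference.
    guard let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &err)
    else { throw err!.takeRetainedValue() as Error }
    guard let publicKey = SecKeyCopyPublicKey(privateKey)
    else { throw NSError(domain: NSOSStatusErrorDomain, code: Int(errSecParam)) }

    // Export attempt: an enclave-backed private key has no external representation.
    var exportErr: Unmanaged<CFError>?
    if SecKeyCopyExternalRepresentation(privateKey, &exportErr) == nil {
        exportErr?.release()
        print("private key export refused")
    }
    // Encrypt with the public key (no enclave needed); decryption runs in the enclave.
    guard let ciphertext = SecKeyCreateEncryptedData(publicKey, algorithm, plaintext as CFData, &err)
    else { throw err!.takeRetainedValue() as Error }
    guard let recovered = SecKeyCreateDecryptedData(privateKey, algorithm, ciphertext, &err)
    else { throw err!.takeRetainedValue() as Error }
    return recovered as Data
}

do {
    let message = Data("constructed sample secret".utf8)  // constructed sample input
    let recovered = try enclaveRoundTrip(message)
    print(recovered == message ? "round trip ok" : "mismatch")
} catch {
    print("Secure Enclave unavailable or operation failed: \(error)")
}
```

On hardware without a Secure Enclave, key creation fails and the `catch` branch reports it instead of falling back to a software key.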

I hope this blog has been helpful for you.

Carl Smith is a self-professed security expert; he has been making people aware of security threats. His passion is to write about cyber security, cryptography, malware, social engineering, the internet and new media. He writes for Norton security products at

Created on Jan 11th 2019 09:17.