Login/Register
Using Touch ID on iOS to encrypt data
Asked Answered
iosencryptionkeychaintouch-id
J

2

16

What I'm trying to do

Basically what I'm trying to do is figure out a way to encrypt data using Touch ID.

Sadly I've not found a way to create an encryptionKey with Touch ID, since the LAContext API only returns a aye/nay response.

Why I'm trying it

I'm implementing different log in methods in an app. The supported log in methods are a password, PIN-code and Touch ID. The user is free to choose whatever log in method he/she wants.
Only the password however, is send to the server which will authenticate the user. As such, only the password is stored in the keychain.

The encryptionKey, used to first encrypt and then store the password in the keychain, is created using whatever method the user chose as log in method.
If the user chose to use a PIN-code, the encryptionKey is derived from that PIN-code, the same can be said when the user chose a password as log in method.

My question is:

How can I fit Touch ID in this picture?

I've searched on the internet, but only found what I already feared.
Since iOS only returns a true or false from the Secure Enclave, it's impossible to create an encryptionKey.

I know the keychain is encrypted by itself, but for security reasons (please don't elaborate on this) I need an encrypted password stored in the keychain.

EDIT:

The reason behind storing data encrypted in the keychain is because the keychain can be breached by jailbreaking a device. And since the app I'm working on allows users to view (mostly) corporate sensitive data, I need to take even jailbreaking into consideration.

Jealous answered 13/8, 2015 at 9:24 Comment(6)
Short answer NO, the TouchID can only be used to used to validate a know user of the device. Hence you will one receive a BOOL.Lundell
Great feature request... :- ( I too wish we could do this.Appendix
It's really too bad; implementing TouchID for third-party apps (in my case/context with corporate data) is actually taking a small step backwards in terms of security. The convenience for the user is noted however.Jealous
I'd question how much security a pin code is adding to the equation. How long would it take an attacker to brute force the entire 10^6 key space for a 6 digit pin code if they've compromised the enciphered password and whatever you're using to salt the key derivation method?Viscose
@JCSG I don't think including a PIN is explicitly adding any security. In fact, I think security actually suffers the more options you add for encrypting a password. Adding the other log in methods is only done as a convenience act towards the user; you'd be better off using a 'long' and 'irregular' password as only log in method.Jealous
@Gee.E See my answer. I think this is what you are looking for. For some reason, the keychain Touch ID API is much less known about vs the LocalAuthentication framework.Domash
N
5

Use the kSecAccessControlTouchIDCurrentSet or kSecAccessControlTouchIDAny keychain access control attributes to protect your encryption key in the keychain. Using this API will fail if the user does not have Touch ID enabled (or the device does not support it), and using kSecAccessControlTouchIDCurrentSet will fail if the user modifies the set of fingerprints. In case of failure, you can then fallback to your normal authentication UI, such as pin code or password entry.

See the WWDC 2014 711 Keychain and Authentication with Touch ID talk and WWDC 2015 706 Security and Your Apps for more information.

As a general note, do not store data in the keychain. You should only store passwords, encryption keys or credentials, and use those to decrypt data stored on the disk.

Nildanile answered 28/10, 2016 at 14:8 Comment(3)
I've seen the TouchID API on the keychain, but from what I remember; it was not exactly what I was looking for. I'l look into it again whenever I have the time to open up the project again. That being said; I'm aware that you should use the keychain as...well a place to store keys, not 'general' data :)Jealous
I am just saying that because we used to abuse the keychain for general purpose storage, and things start going bad after a while.Domash
Agreed, didn't mean to offend you; I've heard/seen stories of keychain uses that...raised my eyebrow.Jealous
S
-1

I know, this question was posted back in 2015, but I researched for the same problem. As Far I know, it's actually not possible.

I have found this Quote on the 1Password website concerning this topic:

Don’t jailbreak your device. Someone with physical access to your device could theoretically access the secret that 1Password stored in the iOS Keychain. However, that would require unlocking the device, jailbreaking the device (so that something other than 1Password can read the iOS Keychain data that belongs to 1Password), and defeating the obfuscation of the Master Password. If you jailbreak your device, you are willingly defeating one of the strongest defenses against such an attack.

So, simple answer: It's not possible :(

Selfloading answered 28/10, 2016 at 13:48 Comment(3)
Not really what the OP is asking right? Using the fingerprint as a key, so not storing it in the keychain, would fix this issue.Uda
I'm not sure I fully understand your answer. As @ErikTerwan said; my question is about whether or not you can effectively use TouchID to encrypt an encryptionKey which is used for encrypting a password.Jealous
@ErikTerwan maybe I wasn't clear enough, what he is asking is not possible on iOS! You need to use the KeyChain, which may be insecure (jailbreak)Selfloading

© 2022 - 2024 — McMap. All rights reserved.