March 10, 2014, 2:01 PM — Apple's iCloud Keychain conveniently saves and syncs your passwords across your Apple devices so you don't have to try to remember all of them. However, the default way Apple secures your iCloud Keychain isn't as secure as this lesser-known method. If you want to protect your passwords as much as possible--even from the NSA--this hack's for you.
Security pro Rich Mogull details on TidBits the complex way iCloud Keychain works. According to the article, Apple uses different security methods for syncing your keychain (creating a signed circle of trust for all your devices with public and private keys) and for backing up and recovering your Keychain (encrypting the entire keychain with a new iCloud Security Code and a special public key whose private half lives in a hardware security module, or HSM).
It's all pretty complicated, but this is how it's supposed to work:
This gets a little complicated, but the easy way to think about it is that only the HSM can read the key encrypted with the iCloud Security Code, but since it doesn’t store the iCloud Security Code, it can’t read the actual key used to protect the keychain. If the right conditions are met, the HSM (actually a cluster of HSMs in case one breaks) will release the key, which can then be decrypted with the iCloud Security Code. Only then can the key be used to unlock your keychain.
The problem is the HSMs could be modified or compromised by Apple, for example, if it were coerced by the NSA or other law enforcement agencies. The iCloud Security Code--usually the code you use to log into your iPhone or iPad--also isn't as secure as possible, because it uses only four digits by default, and even if you go for the advanced option of a longer code, that still doesn't create enough entropy.
To protect your keychain passwords, you'll need to create a security code that's less guessable--one that's totally random and "contains so much entropy that you don’t need the HSMs, since it is theoretically impossible to break via brute force using current (and foreseeable) techniques and technology."
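To make that entropy argument concrete, here is a small added calculation (not from the article or from Apple) that compares the default four-digit code with a random alphanumeric one. The guessing rate, the "tolerable" resistance threshold and the 24-character code format are assumptions chosen for illustration, not Apple's actual parameters.

```python
import math
import secrets
import string

# Assumed offline guessing rate for an attacker who holds the escrowed blob and
# is NOT throttled by the HSM cluster (constructed figure, not Apple's).
GUESSES_PER_SECOND = 1e9
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Bits of entropy in a code chosen uniformly from alphabet_size**length."""
    return length * math.log2(alphabet_size)


def expected_years_to_brute_force(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Expected time to hit a uniformly random code: half the keyspace at `rate` guesses/s."""
    return (2 ** bits / 2) / rate / SECONDS_PER_YEAR


def hsm_throttling_required(bits: float, tolerable_years: float = 100.0) -> bool:
    """True when the code alone cannot resist offline guessing, i.e. the HSM's
    attempt limit is the only thing standing between an attacker and the key."""
    return expected_years_to_brute_force(bits) < tolerable_years


def random_security_code(length: int = 24,
                         alphabet: str = string.ascii_letters + string.digits) -> str:
    """Generate a code from the OS CSPRNG (assumed format, not Apple's exact one)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def compare_codes() -> dict:
    """Entropy, brute-force time and HSM dependence for a few code shapes."""
    scenarios = {
        "4-digit PIN (default)": (10, 4),
        "6-digit PIN": (10, 6),
        "24-char random alphanumeric": (62, 24),
    }
    result = {}
    for name, (alphabet_size, length) in scenarios.items():
        bits = entropy_bits(alphabet_size, length)
        result[name] = {
            "bits": round(bits, 1),
            "years": expected_years_to_brute_force(bits),
            "needs_hsm": hsm_throttling_required(bits),
        }
    return result


if __name__ == "__main__":
    for name, row in compare_codes().items():
        print(f"{name:30} {row['bits']:6.1f} bits  {row['years']:.3g} years  needs HSM: {row['needs_hsm']}")
    print("example random code:", random_security_code())
```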
That setting is under Settings > iCloud > Keychain. Turn on iCloud Keychain, and select "Create Different Code" when prompted. Then, go to "Advanced Options" and choose "Get a Random Security Code." Back up this new random iCloud Security Code (on paper and in a password manager), because without it nobody can decrypt your iCloud Keychain--not you, and not you-know-who.
Head to the TidBits article for more details.
Read more of Melanie Pinola's Tech IT Out blog and follow the latest IT news at ITworld.