ra2 studio - Fotolia
How attackers can intercept iCloud Keychain data
A verification flaw in the synchronization service of iCloud Keychain enables attackers to intercept the data it transfers. Expert Frank Siemons explains what to do about it.
In macOS 8.6, Apple introduced its Keychain password management system. Still integrated into every subsequent MacOS release, Keychain provides centralized storage for passwords, network shares, notes, certificates, credit card details and many other sensitive types of data.
With the increasing popularity of both cloud applications and password managers, as well as the demand for user-friendly applications, Apple took the traditional Keychain system a step further and introduced iCloud Keychain. This cloud offering keeps all Keychain data in sync between macOS and iOS devices. From a user's perspective, the iCloud Keychain is a great service, but of course, there are security risks associated with the transfer and storage of this sensitive data.
The vulnerability
As expected, the transfer of synchronized data between devices is covered by end-to-end encryption. For this encryption, Apple uses the Off-the-Record (OTR) protocol. OTR utilizes a combination of the AES 128-bit symmetric key algorithm, the Diffie-Hellman key exchange and SHA-1 for hashing. Because of the use of device-specific keys as an additional security layer, the sensitive user data is reasonably well-secured.
In March 2017, however, security researchers at Longterm Security found a flaw in the OTR implementation. Simply put, if the encryption itself cannot be broken, it needs to be bypassed through some kind of flaw. This vulnerability was logged as CVE-2017-2448, and it was covered in a presentation at Black Hat USA 2017.
The exploit
A key part of iCloud Keychain security is the signed syncing circle. This circle is made up of interconnected, trusted devices that all use the same iCloud account.
Communication between these trusted devices in the circle is secured with a combination of a syncing identity key associated with each device and a key derived from the user's iCloud password. Before a new device can join the circle, an existing device needs to approve the new member via a signature validation process.
The researchers found a way to exploit a signature validation error via a specifically crafted packet. This provided the ability to establish an OTR session and, when in possession of the target user's iCloud password, to gain access to synchronized user secrets, such as passwords and credit card information.
Prevention
On March 27, 2017, Apple released the iOS 10.3 update. This update addressed the described CVE-2017–2448, "through improved validation." This means the vulnerability in iCloud Keychain was patched. However, similar attack vectors still exist.
Mobility and the use of centralized cloud storage and management have taken an important place in personal and business connectivity. This requires a holistic security policy around these technologies, preventing similar attacks regardless of any future vulnerabilities that may be present.
Any organization that allows company data to be stored on staff mobile devices should have mobile device management (MDM) in place. To sign devices up and gain access to corporate data via applications such as intranet sites and email, employees need to hand security control over to the organization via an MDM agent.
This means that, for instance, password policies and encryption can be enforced by security administrators before any corporate data is allowed onto a device. What it also means is that patch levels can be monitored and managed. In the case of the iOS 10.3 update, which patched the iCloud Keychain OTR vulnerability, this patch can be set as a technical requirement for devices, or staff could simply be notified that they need to update their devices as soon as possible.
MDM products such as VMware AirWatch or Cisco Meraki often also offer built-in or third-party, host-based malware protection or an intrusion prevention system (IPS). An IPS agent can report suspicious behavior or a man-in-the-middle attack on a device. When adequately monitored, such a service could detect and prevent vulnerabilities and their exploits all the way down to the early zero-day stage.
The use of two-factor authentication to iCloud could have severely limited the impact of a successful exploit of CVE-2017-2448. The attacker could have gained access to an OTR session and iCloud password, but it would be useless without also having access to the last part of the authentication requirements -- the temporary verification code, which is sent to the account owner out of band.
Conclusion
High-severity vulnerabilities targeting Apple iCloud and iOS are relatively uncommon. However, they do occur. With a good understanding of the risks of using the latest mobility technologies, some solid security controls can be put in place to prevent most of the risks to corporate and personal data.
Whether the data is made up of personal photos and credit card information or a collection of company passwords, the underlying security principles are the same. Security controls such as patch management, encryption, password policies and two-factor authentication will keep most data safe, and should be implemented at all times.
