Fraunhofer's study on iOS keychain security:

Fraunhofer 对 iOS 钥匙串安全性的研究：

• http://sit.sit.fraunhofer.de/studies/en/sc-iphone-passwords.pdf
• http://sit.sit.fraunhofer.de/studies/en/sc-iphone-passwords-faq.pdf

• http://sit.sit.fraunhofer.de/studies/en/sc-iphone-passwords.pdf
• http://sit.sit.fraunhofer.de/studies/en/sc-iphone-passwords-faq.pdf

From what I can tell, there are two levels of encryption that the iOS keychain uses. The first level uses the lock screen passcode as the encryption key. The second level uses a key generated by and stored on the device.

据我所知，iOS 钥匙串使用了两个级别的加密。第一级使用锁屏密码作为加密密钥。第二级使用由设备生成并存储在设备上的密钥。

Fraunhofer's researchers have figured out how to get around the second level. This is the "easier" level to get around, since the encryption key is stored on the device. So on iOS4, their method only works with keychain entries which do NOT use kSecAttrAccessibleWhenUnlocked or kSecAttrAccessibleWhenUnlockedThisDeviceOnly, because those entries reside in memory with the first level decrypted--even when the phone is locked.

Fraunhofer 的研究人员已经找到了绕过第二层的方法。这是“更容易”绕过的级别，因为加密密钥存储在设备上。所以在 iOS4 上，他们的方法只适用于不使用 kSecAttrAccessibleWhenUnlocked 或 kSecAttrAccessibleWhenUnlockedThisDeviceOnly 的钥匙串条目，因为这些条目驻留在内存中，第一级解密 - 即使手机被锁定。

• Starting from iOS 4, keys with kSecAttrAccessibleWhenUnlocked and kSecAttrAccessibleWhenUnlockedThisDeviceOnly are protected by an extra level of encryption
• On iOS 3.x and earlier, all keys can be decrypted using Fraunhofer's method, regardless of accessibility attribute used
• Devices with no passcodes at all will still be vulnerable
• Devices with weak passcodes (less than six digits) will still be somewhat vulnerable

• 从 iOS 4 开始，带有 kSecAttrAccessibleWhenUnlocked 和 kSecAttrAccessibleWhenUnlockedThisDeviceOnly 的密钥受到额外级别的加密保护
• 在 iOS 3.x 及更早版本上，所有密钥都可以使用 Fraunhofer 方法解密，而不管使用的可访问性属性如何
• 根本没有密码的设备仍然容易受到攻击
• 密码较弱（少于六位数）的设备仍会有些脆弱

≈50ms per password try; → ≈20 tries per second; → ≈1.7 years for a 50% change of guessing the correct passcode for a 6-digit alphanumeric code with base 36. The standard simple code of 4 numeric digits would be brute-forced in less than 9 minutes. Based on the assumption that the counter for wrong tries in the iOS can be bypassed, as it is not hardware-based

Apple Inc. WWDC 2010, Core OS, Session 209 "Securing Application Data", Slide 24

每个密码尝试≈50ms；→ ≈每秒 20 次尝试；→ ≈ 1.7 年，对于一个以 36 为基数的 6 位字母数字代码，猜测正确密码的变化为 50%。标准的 4 位数字简单代码将在不到 9 分钟的时间内被暴力破解。基于可以绕过 iOS 中错误尝试的计数器的假设，因为它不是基于硬件的

Apple Inc. WWDC 2010，核心操作系统，第 209 届会议“保护应用程序数据”，幻灯片 24

Bottom line: If you must store sensitive data, better use your own encryption. And don't store the key on the device.

底线：如果您必须存储敏感数据，最好使用您自己的加密。并且不要将密钥存储在设备上。

Edit: There are numerous news articleswhich cite the Fraunhofer study and reassure their readers not to worry unless their devices are stolen, because this attack can only be done with physical access to the device.

编辑：有许多新闻文章引用了弗劳恩霍夫研究，并让读者放心，除非他们的设备被盗，否则不要担心，因为这种攻击只能通过物理访问设备来完成。

I'm somehow doubtful. The fact the researchers did their tests with physical access to the phone seems to have just been a way to simplify the problem, as opposed to being a limitation. This is their description of what they did to decrypt the keychain entries:

我有点怀疑。研究人员通过对手机的物理访问进行测试的事实似乎只是简化问题的一种方式，而不是一种限制。这是他们对解密钥匙串条目的操作的描述：

After using a jailbreaking tool, to get access to a command shell, we run a small script to access and decrypt the passwords found in the keychain. The decryption is done with the help of functions provided by the operating system itself.

使用越狱工具后，为了访问命令外壳，我们运行一个小脚本来访问和解密在钥匙串中找到的密码。解密是在操作系统本身提供的功能的帮助下完成的。

As anyone who has used jailbreak.me knows, jailbreaking does not require physicalaccess to the device. Theoretically it should be trivial to modify the jailbreak.me code and have it automate the following:

由于人谁使用jailbreak.me知道，越狱不需要物理的设备访问。从理论上讲，修改 jailbreak.me 代码并让它自动执行以下操作应该是微不足道的：

1. Perform the jailbreak as normal (all this requires is for the user open a maliciously crafted PDF)
2. Run Fraunhofer's scripts after the jailbreak is complete
3. Send the passwords over the network to a location the attacker can read it from

1. 执行越狱为正常（这一切需要的是为用户打开一个恶意制作的PDF）
2. 弗劳恩霍夫运行的脚本越狱完成后，
3. 通过网络将密码发送到攻击者可以读取的位置

So once again, be cautious about what you put in the keychain.

所以再一次，小心你放在钥匙串里的东西。

Normally, the keychain would be the recommended way to store such a certificate. However, it has been discovered that jailbreaking can be used to bypass the security of the keychain (article).

通常，钥匙串是存储此类证书的推荐方式。但是，已经发现可以使用越狱来绕过钥匙串的安全性（文章）。

Franhofer did a study on the safety of the iPhone Keychain :

Franhofer 对 iPhone 钥匙扣的安全性做了一项研究：

http://www.sit.fraunhofer.de/Images/sc_iPhone%20Passwords_tcm501-80443.pdf

http://www.sit.fraunhofer.de/Images/sc_iPhone%20Passwords_tcm501-80443.pdf

I can answer part of your question, but since the other part is still unknown, I'm voting the question up as I'm also eager to know the answer.

我可以回答你的部分问题，但由于另一部分仍然未知，我也很想知道答案，所以我将这个问题投了赞成票。

The part that I can answer is: 'can an app get full keychain access if no screenlock is enabled'. No, every app has its own keychain area on the iphone, which means an app can only get access to its own secrets. These secrets are not locked for the app itself, so there's no way to hide the keychain entries from the app itself. So to summarize: an app can read its own entries, and no other entries.

我可以回答的部分是：“如果未启用屏幕锁定，应用程序能否获得完整的钥匙串访问权限”。不，每个应用程序在 iPhone 上都有自己的钥匙串区域，这意味着应用程序只能访问自己的秘密。这些秘密不会为应用程序本身锁定，因此无法对应用程序本身隐藏钥匙串条目。总结一下：应用程序可以读取自己的条目，而不能读取其他条目。

What I'm interested to know though is what happens on jailbroken devices. Are the keychains of all apps exposed once a device has a jailbreak?

不过，我有兴趣知道越狱设备上会发生什么。一旦设备越狱，所有应用程序的钥匙串是否会暴露？