Intercepting iCloud Keychain

Intercepting iCloud Keychain

Black Hat via YouTube Direct link

Circle Protocol Illustrated

7 of 25

7 of 25

Circle Protocol Illustrated

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Intercepting iCloud Keychain

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Secret Syncing & Recovery in the Cloud
  3. 3 Designed to be Highly Secure
  4. 4 Critical Flaws Now Fixed
  5. 5 Prior Work & Presentations Covering iCloud Keychain
  6. 6 iCloud Keychain Components
  7. 7 Circle Protocol Illustrated
  8. 8 What happens when devices are lost while traveling?
  9. 9 iCloud Keychain Passwords Overview
  10. 10 How Does A New Device Join Without Approval?
  11. 11 Uncovering a hidden peer
  12. 12 Which Backups Contain the Cloud Identity Key?
  13. 13 iCloud Keychain Sync Transmits Data Across Apple Services
  14. 14 OTR KEX Messages
  15. 15 Pairwise, Fanout Negotiation
  16. 16 OTR Flaws
  17. 17 CVE-2017-2448 - SecVerify Signature And Mac
  18. 18 CVE-2017-2448 - Goto Fail Redux
  19. 19 CVE-2017-2448 - Sample Trigger in 32 Bytes
  20. 20 Signature Bypass Attack Impact
  21. 21 Apple's iCloud Keychain Security Goals (without OTR fix)
  22. 22 Stack Overlap Attack Impact
  23. 23 Wrapping up
  24. 24 Next Steps for the Security Industry
  25. 25 Questions?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.