Question about Data Protection class keys

In the official platform security guide, there is the following paragraph about the data protection class "Complete Protection".


(NSFileProtectionComplete): The class key is protected with a key derived from the user passcode and the device UID. Shortly after the user locks a device (10 seconds, if the Require Password setting is Immediately), the decrypted class key is discarded, rendering all data in this class inaccessible until the user enters the passcode again or unlocks the device using Touch ID or Face ID.


My question is: by "discarded", do you mean this decrypted class key is wiped from memory, or that the key itself is erased and the system generates a new key?


Thanks in advance.

Answered by Claude31 in 399247022

I understand it as 'this decrypted class key is wiped from the memory'.


As it is not encrypted, that prevents anyone from tampering with the phone and getting the data back.


Yeah, I also think so. Thanks.
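Added example, not part of the thread or of the security guide: a simplified Python model of the reading given in the answer, where locking wipes only the decrypted copy of the class key while the wrapped copy persists and unwraps to the same key at the next unlock. Assumptions: `Keybag` and its methods are hypothetical names, `DEVICE_UID` is a constructed value, and PBKDF2 plus an HMAC-based wrap are standard-library stand-ins for the device's real derivation and key wrapping.

```python
import hashlib, hmac, os

# Constructed stand-in for the hardware UID (assumption; a real UID never leaves the hardware).
DEVICE_UID = hashlib.sha256(b"constructed-device-uid").digest()

def _kek(passcode: str, salt: bytes) -> bytes:
    # Key-encryption key derived from the passcode and the device UID (simplified model).
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt + DEVICE_UID, 50_000)

def _stream(kek: bytes, nonce: bytes) -> bytes:
    # 32-byte keystream; toy stand-in for a real key-wrap algorithm.
    return hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()

class Keybag:
    """Toy model: the wrapped class key persists; the decrypted copy exists only while unlocked."""

    def __init__(self, passcode: str):
        self.salt, self.nonce = os.urandom(16), os.urandom(16)
        class_key = os.urandom(32)                     # generated once, never regenerated on lock
        kek = _kek(passcode, self.salt)
        self.wrapped = bytes(a ^ b for a, b in zip(class_key, _stream(kek, self.nonce)))
        self.tag = hmac.new(kek, b"mac" + self.nonce + self.wrapped, hashlib.sha256).digest()
        self._class_key = None                         # device starts locked

    def unlock(self, passcode: str) -> bool:
        kek = _kek(passcode, self.salt)
        tag = hmac.new(kek, b"mac" + self.nonce + self.wrapped, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, self.tag):
            return False                               # wrong passcode: nothing is unwrapped
        ks = _stream(kek, self.nonce)
        self._class_key = bytearray(a ^ b for a, b in zip(self.wrapped, ks))
        return True

    def lock(self) -> None:
        # "Discarded": zero and drop the decrypted copy; self.wrapped is left untouched.
        # (Python cannot guarantee memory is scrubbed; this models the state change.)
        if self._class_key is not None:
            for i in range(len(self._class_key)):
                self._class_key[i] = 0
            self._class_key = None

    def key_fingerprint(self) -> str:
        # Any use of the class key fails while the device is locked.
        if self._class_key is None:
            raise PermissionError("class key not available while locked")
        return hashlib.sha256(self._class_key).hexdigest()
```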
