App Attest Key Generation


How is the app attestation key generated in the Secure Enclave?

My client really wants to know if the attestation key is derived from the Secure Enclave's UUID, from other keys, or is it just randomly generated using a CSRNG?

Any information you can provide to convince my client of the security of the key will be useful.

Regards.
Keldennis

So I doubt Apple will ever disclose this implementation detail of their proprietary hardware. However, the general overview is provided here: https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_secure_enclave

I would guess that they use some sort of cryptographically secure pseudorandom function to generate the EC curve points and would not use any hardware identifiers or other keys to generate the points.
