Dedicated AES engine
Every Apple device with a Secure Enclave has a dedicated AES-256 crypto engine built into the DMA path between the flash storage and main system memory, making file encryption highly efficient. On A9 or later A-series processors, the flash storage subsystem is on an isolated bus that is only granted access to memory containing user data through the DMA crypto engine.
The Secure Enclave securely generates its own keys—unique IDs (UIDs), device group IDs (GIDs), and other—and securely erases saved keys when needed. These keys are AES-256-bit keys fused (the UID) or compiled (the GID) into the Secure Enclave during manufacturing. No software or firmware can read them directly; they can see only the results of encryption or decryption operations performed by dedicated AES engines implemented in silicon using those UIDs or GIDs as a key.
The application processor and Secure Enclave each have their own UID and GID, and the Secure Enclave UID and GID can be used only by the AES engine dedicated to the Secure Enclave. The UIDs and GIDs aren’t available through Joint Test Action Group (JTAG) or other debugging interfaces.
Generating cryptographic keys
Each Secure Enclave generates its own UID (Unique ID) during the manufacturing process. Because the UID is unique to each device and because it’s generated wholly within the Secure Enclave instead of in a manufacturing system outside of the device, the UID isn’t available for access or storage by Apple or any of its suppliers. This applies to all SoCs after the Apple A8 processor.
Software running on the Secure Enclave takes advantage of the UID to protect device-specific secrets. The UID allows data to be cryptographically tied to a particular device. For example, the key hierarchy protecting the file system includes the UID, so if the internal SSD storage is physically moved from one device to another, the files are inaccessible. The UID isn’t related to any other identifier on the device. Other protected device-specific secrets include Touch ID or Face ID data. Storage on devices not connected to the Apple T2 Security Chip don’t receive this level of encryption. For example, neither external storage devices connected over USB nor PCIe-based storage added to the 2019 Mac Pro are encrypted by the T2 chip.
At the device level is the device group ID (GID), which is common to all processors in a class of devices (for example, all devices using the Apple A8 processor).
Apart from the UID and GID, all other cryptographic keys in iOS and iPadOS devices are created by the system’s random number generator (RNG) using an algorithm based on CTR_DRBG. System entropy is generated from timing variations during boot, and additionally from interrupt timing after the device has booted. Keys generated inside the Secure Enclave use its true hardware random number generator based on multiple ring oscillators post processed with CTR_DRBG.
Secure data erasure
Securely erasing saved keys is just as important as generating them. It’s especially challenging to do so on flash storage, for example, where wear-leveling might mean that multiple copies of data need to be erased. To address this issue, devices with a Secure Enclave include a feature dedicated to secure data erasure called Effaceable Storage. This feature accesses the underlying storage technology (for example, NAND) to directly address and erase a small number of blocks at a very low level.