> On Jun 29, 2017, at 5:33 AM, Dave Fernandes <dave.fernan...@utoronto.ca> 
> wrote:
> 
> Ah. Thinking about the new device use case helps. Everything must be 
> accessible and decryptable using only the iCloud passphrase. But if the same 
> passphrase is used both to authorize access to the data and to decrypt it, 
> then Apple has the passphrase to decrypt each time the user logs in, do they 
> not? So encryption prevents against third parties seeing the data, but not 
> Apple itself. Or perhaps the passphrase is used to generate two independent 
> secrets and the passphrase itself is never sent over the wire?

Any competent* online service does not store your password. They only store a 
hashed version of it.

With web-based logins the password does usually get sent to the server, but it 
only keeps it long enough to verify the hash, never storing it persistently.

A login system like Apple’s is probably sending a random challenge value to the 
device, which then gets somehow transformed using the password in a way that 
can be verified using the hash (I’m hand-waving here, but there are many 
algorithms for this.) Or alternatively, the password defines an asymmetric 
key-pair**, of which Apple stores the public key, and the login then consists 
of signing the challenge value and sending it back, letting Apple verify the 
signature.

—Jens

* Unfortunately there are still incompetent services still out there. Match.com 
<http://match.com/> is one, for example, or was a few years ago when I briefly 
tried using it. If you tell it you forgot your password, it *emails your 
password to you*. My jaw hit the floor and I deleted the account immediately.

** Deriving a key-pair from a password isn’t feasible with RSA, but it can be 
done with e.g. Curve25519.
_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Reply via email to