What is Secure Enclave for iPhones, iPads and Macs?

2023-06-26 11:00:00

Since 2010, Apple has included its own processors in its products — in the beginning, only iPhones and iPads were part of this select group (with the first chip being the A4). Today, Apple’s entire line of devices includes an Apple chip (generally called the Apple Silicon), ranging from wearables (like the Apple Watches and AirPods) to Macs (like the latest Mac Pro).

In addition to enabling greater integration and optimization between software and hardware, these processors also bring some layers of proprietary protection, which seek to leave user information fully protected.

One of the many elements that are part of the chip — and which is responsible for data security — is the so-called Secure Enclave. In the following paragraphs, we’ll talk a little about how it can protect you in the daily use of your Apple devices! ????

Which Apple devices have the Secure Enclave?

iPhones: iPhone 5s and later
iPads: iPad Air and later
Macs: all computers equipped with Apple Silicon; Macs with Intel processors that have the Apple T2 chip; MacBooks Pro with Touch Bar and T1 chip
Apple Watches: Apple Watch Series 1 e posteriores
Apple TVs: Apple TV HD e posteriores
HomePods: HomePod e HomePod mini

What is the Secure Enclave?

According to the company, it is a subsystem integrated into the device’s processor, but completely isolated from it. This allows for an extra layer of protection to keep your sensitive data even more secure, even when a compromise occurs. kernel of the application processor, for example.

A Secure Enclave is composed of a boot ROM (so that a hardware root of trust is established), a AES engine for cryptographic operations and the protected memory.

The information from Secure Enclavealthough they are not in dedicated storage, they are in a mechanism used to store them in a kind of attached location, which is separate from the flash memory used by the device’s processor and operating system.

One of the uses of Secure Enclave is with regard to the registration of biometrics of the Face ID and Touch ID features of iPhones, iPads and Macs. During the enrollment of your fingerprint or your face geometry, this component processes, encrypts and stores the model data within it.

When it’s time to match (i.e. when you unlock your device or authenticate an Apple Pay payment), the Secure Enclave compares biometric sensor input data with stored templates to determine whether the device can be unlocked or to answer whether the match is fully valid.

A Secure Enclave It is very secure and prevents your most sensitive data from being exposed. However, according we report here on MacMagazine In 2020, Chinese security researchers discovered a problem in the TZ0 memory controller, which manages the security component’s processor usage. At the time, we also stated that this should not be a cause for alarm on the part of users.