
Keychain is a built-in app on OS X that stores all of the user's credentials, and allows one to keep encrypted notes in an easily accessible way.

Does anyone know how secure Keychain is? I know there was a vulnerability in 2008 with clear text being stored in memory, but it was patched. How resistant can it be to cold-boot attacks?

Here are some relevant SE links:

I think this is important since apps written for OS X are starting to store all passwords in the user's Keychain: Safari, Chrome, Subversion, Mail, etc.

Bradley Kreider

2 Answers

12

The cold boot attack can be limited by setting an EFI password, so that the attacker can't get to the memory during the limited time window following a reset. Notice that if the firmware password is set, the FireWire device driver disallows DMA requests, which is another very similar (and IMO more likely) attack.

The key place where the password should be considered "at risk" from any direct memory access attack including cold boot is not in securityd, which does a pretty good job (all of the relevant code is open source so check for yourself), it's in the client application. It's the client application that wants the password, and the vendor may not have been careful about zeroing the memory out (particularly if the password is put into an autoreleased or garbage-collected NSString instance).

(I wrote a whole chapter on Keychain security in Professional Cocoa Application Security)

  • +1, thanks. The application is only risking the password(s) to which it has access in that case? So, secure notes and other passwords aren't being compromised by a poorly secured app (other than if you don't use different passwords for each app)? – Bradley Kreider Nov 23 '10 at 16:11
  • @rox0r: correct. The application _only_ gets the decrypted version of the keychain items it asks for; nothing else gets decrypted. However, depending on the user's keychain settings, this might open a window during which the keychain is unlocked. Even that is mitigated, because the keychain uses per-application per-item access control, so a Trojan wouldn't have default access to any keychain items. –  Nov 23 '10 at 16:23
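The answer's point about client applications failing to zero password memory, as an added C example that is not from the original thread, from Apple, or from any vendor's code. The password, buffer size and the `use_credential` / `secret_lingers` helpers are constructed for the illustration; the wipe routine shows the defensive pattern a client app should apply once it has finished with a keychain item.

```c
#include <stddef.h>
#include <string.h>

/* Wipe through a volatile pointer so the compiler cannot drop the stores
 * as dead code once the buffer is never read again (a plain memset() right
 * before free() or return is commonly optimized away). On OS X, memset_s()
 * in libc gives the same guarantee. */
void secure_zero(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--) {
        *p++ = 0;
    }
}

/* Returns 1 if the byte string `secret` occurs anywhere inside `region`.
 * Used as a self-check in tests: this is the residue a dump of the
 * process's memory would expose, which is what the thread is worried about. */
int secret_lingers(const unsigned char *region, size_t region_len,
                   const unsigned char *secret, size_t secret_len)
{
    if (secret_len == 0 || secret_len > region_len) return 0;
    for (size_t i = 0; i + secret_len <= region_len; i++) {
        if (memcmp(region + i, secret, secret_len) == 0) return 1;
    }
    return 0;
}

/* Constructed sample credential (hypothetical, not a real password). */
static const char SAMPLE_PW[] = "correct-horse-battery";
#define BUF_LEN 64
static unsigned char app_buf[BUF_LEN];

/* Simulated client application: copies the credential it got from the
 * keychain into its own buffer, uses it, then either wipes it or leaves it
 * behind. Returns 1 if the password is still readable afterwards. */
int use_credential(int wipe_after_use)
{
    memset(app_buf, 0, BUF_LEN);
    memcpy(app_buf, SAMPLE_PW, sizeof SAMPLE_PW);
    /* ... authenticate with app_buf here ... */
    if (wipe_after_use) secure_zero(app_buf, BUF_LEN);
    return secret_lingers(app_buf, BUF_LEN,
                          (const unsigned char *)SAMPLE_PW, sizeof SAMPLE_PW - 1);
}
```

The same check is harder to apply to an autoreleased `NSString`, since the app does not control when that object's storage is freed; keeping the secret in a fixed buffer it owns is what makes the wipe possible.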
3

I guess this answers my question: Keychaindump

The root user can use this to pull decrypted entries from RAM.

Bradley Kreider