Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-32705 | WIR-MOS-iOS-65-07 | SV-43051r1_rule | DCNR-1 | High |
Description |
---|
If an adversary can access the key store, it may be able to use the keys to perform a variety of unauthorized transactions. It may also be able to modify public keys in a way that it can trick the operating system into accepting invalid certificates. Encrypting the key store protects the integrity and confidentiality of keys. AES encryption with adequate key lengths provides assurance that the protection is strong. |
STIG | Date |
---|---|
Apple iOS 5 Security Technical Implementation Guide (STIG) | 2012-07-20 |
Check Text ( C-41068r1_chk ) |
---|
Review system documentation and operating system configuration to determine if the operating system uses AES encryption with 128-bit or longer keys to encrypt the contents of the key store. If the key store is not encrypted or does not use AES encryption, this is a finding. |
Fix Text (F-36603r1_fix) |
---|
Configure the operating system to encrypt the contents of the key with AES encryption using 128-bit or longer keys. |