Hacker News new | ask | show | jobs
by _Understated_ 1687 days ago
> All your data from Photo Vault is always end-to-end encrypted

Where are the keys?

If they are on your servers then this is dead in the water. If they are in a secure vault on my device then that's a different matter.
1 comments
ImKevinArcher 1687 days ago
Encryption keys never leave your device, they are derivated from your password. When you use Touch/Face ID, your encryption key is stored in the Secure Enclave. In general, we use the same method/model as FileVault2.

More about Secure Enclave you can find here: https://support.apple.com/guide/security/secure-enclave-sec5...

link