views: 102, answers: 1

I have read into the keychain and have found that it uses Triple DES. What I can't find is what keying option it uses. I am guessing/hoping that it's keying option 1, where all three passwords are unique, but if that's the case I can only think of two passwords it can use (the user password and the App ID that comes from your dev cert), so where is the third coming from? Is it a key private to Apple?

If it's keying option 2 (first and third key are the same) it might not be secure enough for our company to rely on. Although that might sound paranoid, I have to justify to our security department that it is secure enough.

A: 

As there is no answer yet I thought I might have a go at answering with what I have found so far.

I have looked through the source code available for the OS X keychain and, although I'm not 100% sure because there is a lot of it, the keychain does use 3DES in API Classes -> KeyItem.cpp on line 141. It also has comments in Import/Export -> SecWrappedKeys.cpp on line 150 that only DES and 3DES are used for at least this class. There are a lot of private classes missing, so I can only go on what I see.

In Apple's keychain docs and in other random tech support articles it states that there is an application password and a system-generated password for the keychain. If you change your dev cert for an app it loses the keychain entry, and if you restore to a new phone the keychain doesn't work.

From what I have seen the keychain uses keying option 1 (the strongest, where all three keys are different). The three passwords would be your password to unlock the phone (the default one or a random one if there is no lock), the device UDID or some other equivalent unique identifier for the iPhone, and the App ID (forgotten its name) for the third.

If someone can confirm any of this please vote up and I'll accept this answer if there is enough (or vote down if I messed up).

Rudiger
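The question and the answer both turn on the three Triple DES keying options, so here is an added example (not part of the question, the answer, or Apple's keychain code) that makes the difference concrete using Go's standard `crypto/des` package. The three 8-byte keys are constructed sample values, not anything derived from a real device, and the `TripleDESKey` helper is hypothetical glue written for this example. It shows that option 2 simply reuses K1 in the third slot (so K3 never contributes), that option 3 (all keys equal) collapses to single DES, and it checks single DES against the classic published test vector (key 133457799BBCDFF1, plaintext 0123456789ABCDEF) so the reader can trust the construction. It says nothing about which option the keychain actually uses; that is what the thread is trying to establish.

```go
package main

import (
	"bytes"
	"crypto/des"
	"encoding/hex"
	"errors"
	"fmt"
)

// Constructed sample keys for the demonstration (hypothetical values; not
// taken from any real device, certificate or keychain).
var (
	sampleK1 = mustHex("0123456789abcdef")
	sampleK2 = mustHex("23456789abcdef01")
	sampleK3 = mustHex("456789abcdef0123")
)

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

// TripleDESKey assembles the 24-byte key that crypto/des expects from three
// 8-byte DES keys according to the keying option:
//   1: K1, K2, K3 independent  (168 key bits; 112-bit effective strength
//                               because of the meet-in-the-middle attack)
//   2: K3 = K1                 (112 key bits; the supplied k3 is ignored)
//   3: K1 = K2 = K3            (56 key bits; identical to single DES, since
//                               the middle "decrypt" undoes the first step)
func TripleDESKey(option int, k1, k2, k3 []byte) ([]byte, error) {
	if len(k1) != 8 || len(k2) != 8 || len(k3) != 8 {
		return nil, errors.New("each DES key must be exactly 8 bytes")
	}
	key := make([]byte, 0, 24)
	switch option {
	case 1:
		key = append(append(append(key, k1...), k2...), k3...)
	case 2:
		key = append(append(append(key, k1...), k2...), k1...)
	case 3:
		key = append(append(append(key, k1...), k1...), k1...)
	default:
		return nil, fmt.Errorf("unknown keying option %d", option)
	}
	return key, nil
}

// EncryptBlock3DES encrypts a single 8-byte block with TDEA (EDE) under a
// 24-byte key. Block-only on purpose: modes of operation are not the topic.
func EncryptBlock3DES(key24, block []byte) ([]byte, error) {
	if len(block) != des.BlockSize {
		return nil, errors.New("block must be 8 bytes")
	}
	c, err := des.NewTripleDESCipher(key24)
	if err != nil {
		return nil, err
	}
	out := make([]byte, des.BlockSize)
	c.Encrypt(out, block)
	return out, nil
}

// DecryptBlock3DES is the inverse of EncryptBlock3DES.
func DecryptBlock3DES(key24, block []byte) ([]byte, error) {
	if len(block) != des.BlockSize {
		return nil, errors.New("block must be 8 bytes")
	}
	c, err := des.NewTripleDESCipher(key24)
	if err != nil {
		return nil, err
	}
	out := make([]byte, des.BlockSize)
	c.Decrypt(out, block)
	return out, nil
}

// EncryptBlockDES encrypts one block with single DES; used to show that
// keying option 3 is nothing more than single DES under K1.
func EncryptBlockDES(key8, block []byte) ([]byte, error) {
	if len(block) != des.BlockSize {
		return nil, errors.New("block must be 8 bytes")
	}
	c, err := des.NewCipher(key8)
	if err != nil {
		return nil, err
	}
	out := make([]byte, des.BlockSize)
	c.Encrypt(out, block)
	return out, nil
}

func main() {
	pt := mustHex("0123456789abcdef") // constructed plaintext block
	single, _ := EncryptBlockDES(sampleK1, pt)
	for opt := 1; opt <= 3; opt++ {
		key, _ := TripleDESKey(opt, sampleK1, sampleK2, sampleK3)
		ct, _ := EncryptBlock3DES(key, pt)
		fmt.Printf("option %d: key=%x ct=%x sameAsSingleDES=%v\n",
			opt, key, ct, bytes.Equal(ct, single))
	}
}
```

Running it prints one line per keying option; only option 3 reports `sameAsSingleDES=true`, which is the reason option 3 gives no more than 56 bits of key, and the option 2 line shows the last eight key bytes repeating the first eight. For a security review, the practical takeaway is that the question to ask of any 3DES user is how the 24 key bytes are assembled, because the cipher call itself looks identical in all three cases.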