For the first time, we have extensive details on iCloud security.
For security professionals like myself, this is like waking up and
finding a pot of gold sitting on my keyboard. Along with some of
the most impressive security I’ve ever seen, Apple has provided a
way to make it impossible for agencies like the NSA to obtain your
iCloud Keychain passwords.
The paper is incredibly dense, even getting to the level of detail
of which flavor of particular encryption algorithms are used in
which security controls. I will likely be digesting it for months,
but one particular section contained an important nugget that
explains why the NSA can’t snoop on your iCloud Keychain