/dev/world 2025

Protect your keys with the Secure Enclave

Apple's Secure Enclave is a sophisticated piece of technology for securing private keys that live on end-user devices, especially for local-first software where your device needs to own and prove its identity. Through the Security framework, Apple grants developers low-level access for creating keys and performing cryptographic operations with the Enclave's assistance. In this session we will discuss what operations are possible, demonstrate how this solves real-world problems for apps, and compare Apple's APIs and support with other platforms that provide some form of hardware security module. This is a deep dive for developers who want to make their users' devices the root of trust, not the cloud.

About the presenter

Thomas Karpiniec is an experienced cross-platform developer from Tasmania. He works for Ditto, a US-based startup building a universal edge platform that syncs data directly between mobile devices and also to the cloud. For five years he led development of the mesh networking and authentication systems across iOS, Android and desktop platforms. Today he is a Staff Software Engineer working mostly on Ditto's Kubernetes Operator.