undefined | Better HN

0 pointsjfoster10y ago0 comments

Is there anything preventing them from imaging the parts of the device that store data? The data in the image would be encrypted, of course, but wouldn't this give them essentially unlimited (or up to their budget) attempts at getting to the data?

0 comments

tptacek10y ago

It's encrypted against an effectively random 128 bit AES key. Unlimited time is not enough.

jfosterOP10y ago

The method I'm thinking of is:

1. Get a dump of the encrypted data.

2. Try to probe the hardware, potentially destroying it.

3. If the probe works, we're done. If not, put the encrypted data dump onto a fresh iPhone and repeat from step 2.

This way, you effectively get unlimited shots at an otherwise risky hardware probe.

MertsA10y ago

If the encryption key didn't depend on the hardware this would work. Even the iPhone 5C that the recent court case is about relies on the hardware keeping a key secret and it doesn't contain the secure enclave. For an iPhone 5C, the encryption key is derived from the pin and a unique ID for the phone that the CPU itself can't read. The only thing that the application processor can do is perform some crypto instructions using the key, there isn't an operation that would just put the key into memory or a register that you can read from. Even if you have root and the phone in front of you with the password, there's nothing you can do short of decapping it to try to identify that key.

venomsnake10y ago

Unless there is weakness in the PRNG/RNG that creates the fused key in the secure enclave itself. Which is not out of question. I am not sure why FBI didn't ask apple politely how these keys are generated in the first place.

Dylan1680710y ago

That seems excessively unlikely to me. The phone itself wouldn't have anything to seed a PRNG with, so the random number would need to come from an embedded hardware generator or a dedicated random number device in the factory, and both of those options would have huge amounts of engineering oversight.

j / k navigate · click thread line to collapse