[Cryptography] 9999 keys for this one iPhone
Tom Mitchell
mitch at niftyegg.com
Mon Feb 29 04:55:40 EST 2016
With a four number PIN there are 9999 keys for the
data on the phone. All other secrets are constants.
The (AES) key is generated from the PIN (key) entangled with the Unique ID
"Each Secure Enclave is provisioned during fabrication with its own UID
(Unique ID) that is not accessible to other parts of the system and is not
known to Apple. When the device starts up, an ephemeral key is created,
entangled with its UID, and used to encrypt the Secure Enclave’s portion of
the device’s memory space. Additionally, data that is saved to the file
system by the Secure Enclave is encrypted with a key entangled with the UID
and an anti-replay counter."
The net is the device can encrypt data with
a small set of possible keys. Only the PIN is a variable
for a given device.
Can this be used in a lab to reduce the key space for decryption
and expose data on non volatile storage.
Presumably the Flash Memory content has been or will be copied and archived.
It might also be replaced with a "romulator" like flash emulator that can
be quickly
updated when an ten strike or dumb luck erase sequence is hit.
Back to the UID+key+GID bounding things to 9999 keys.
What activity might be applied to the machine to enumerate
and extract or just use the 9999 keys. The UID and GID are constant
secrets.
Since: "Every iOS device has a dedicated AES 256 crypto engine built
into the DMA path between the flash storage and main system
memory, making file encryption highly efficient."
Are there "known data" attacks that can leverage the limited 9999 PINs
and the fixed GID (Apple Secret sauce) and unknown but also fixed UID
to find out which of the 9999 PINs was used to secure the phone.
Presumably the hardware only has to be instructed to read data (DMA)
into RAM with 9999 user space entered keys for an exhaustive brute force
attack.
The bulk of the AES key is fixed in the device and reading flash is quicker
than write.
What happens on a healthy phone when the PIN is changed and how fast can
the PIN space be exhausted and using a non DMA path test to see if common
to all phone data be tested against each PIN and bits from the device in
question.
Once the pin is found reload flash and restart.
i.e. can the special case that is this phone be used against this phone
knowing
that AES-256 can resist random attack for the life of the universe.
The secrets held close by Apple of the phone including the GID are never
exposed.
Perhaps they are more vulnerable.
This is not a kiosk level service.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160229/5d185897/attachment.html>
More information about the cryptography
mailing list