[Cryptography] 9999 keys for this one iPhone
Tony Arcieri
bascule at gmail.com
Mon Feb 29 20:04:44 EST 2016
On Mon, Feb 29, 2016 at 1:55 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
> With a four number PIN there are 9999 keys for the
> data on the phone. All other secrets are constants.
>
Good thing the PIN can be longer than 4 digits... and can include non-digit
characters if you so desire!
I count myself among the people with an iOS device with a > 4-digit
passcode.
> The (AES) key is generated from the PIN (key) entangled with the Unique ID
>
> "Each Secure Enclave is provisioned during fabrication with its own UID
> (Unique ID) that is not accessible to other parts of the system and is not
> known to Apple. When the device starts up, an ephemeral key is created,
> entangled with its UID, and used to encrypt the Secure Enclave’s portion of
> the device’s memory space. Additionally, data that is saved to the file
> system by the Secure Enclave is encrypted with a key entangled with the UID
> and an anti-replay counter."
>
> The net is the device can encrypt data with
> a small set of possible keys. Only the PIN is a variable
> for a given device.
>
The UID key is unique-per-device too. There are more potential keys for
iPhones than there are atoms in the universe.
You might try reading Matt Green's blog post:
http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html
--
Tony Arcieri
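
Added example, not part of the original message and not Apple's implementation: a Python model of the two counts argued over in this thread, the keys one device can derive from a passcode versus the search space when the device secret is unavailable. PBKDF2 stands in for the hardware "entangling" step, and the 256-bit `UID_BITS`, the function names and the random device secrets are assumptions made for illustration.

```python
import hashlib
import itertools
import math
import secrets
import string

UID_BITS = 256  # assumption: size of the per-device secret used in this model


def derive_key(passcode: str, uid: bytes, iterations: int = 1000) -> bytes:
    """Model of entangling a passcode with a device secret (not Apple's KDF)."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), uid, iterations, dklen=32)


def passcode_space(length: int, alphabet: str = string.digits) -> int:
    """Number of distinct passcodes of this length over this alphabet."""
    return len(alphabet) ** length


def keys_on_device(uid: bytes, length: int, alphabet: str = string.digits) -> set:
    """Every key one device can derive from passcodes of the given length."""
    return {derive_key("".join(p), uid, iterations=10)  # low count keeps the demo fast
            for p in itertools.product(alphabet, repeat=length)}


def search_bits(length: int, alphabet: str = string.digits, uid_known: bool = True) -> float:
    """log2 of the search space, with or without access to the device secret."""
    bits = math.log2(passcode_space(length, alphabet))
    return bits if uid_known else bits + UID_BITS


if __name__ == "__main__":
    # Constructed stand-ins for two devices' secrets; real UIDs never leave the hardware.
    uid_a, uid_b = secrets.token_bytes(32), secrets.token_bytes(32)
    print("same passcode, same key on both devices:",
          derive_key("1234", uid_a) == derive_key("1234", uid_b))
    print("2-digit keys per device:", len(keys_on_device(uid_a, 2)))
    print("keys shared between devices:",
          len(keys_on_device(uid_a, 2) & keys_on_device(uid_b, 2)))
    alnum = string.ascii_letters + string.digits
    for label, n, alpha in [("4 digits", 4, string.digits),
                            ("6 digits", 6, string.digits),
                            ("8 alphanumeric", 8, alnum)]:
        print(f"{label:>15}: {search_bits(n, alpha):6.1f} bits on-device, "
              f"{search_bits(n, alpha, uid_known=False):6.1f} bits without the UID")
```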