[Cryptography] 9999 keys for this one iPhone

Jerry Leichter leichter at lrw.com
Mon Feb 29 20:11:06 EST 2016


>> Teardown sites show me that the flash is available and could be
>> archived. https://www.ifixit.com/Teardown/iPhone+5s+Teardown/17383
> Where's the unique ID?  I very much doubt it's in the flash.  I'd bet it's on the CPU chip - after all, the RAM is already there - and difficult to extract.  If so, the ability to clone the flash gains you nothing - without a CPU chip with the right unique ID, you can't decrypt the flash contents - even if you know the passcode.

It turns out that Apple has actually done better than that.  This same discussion showed up on RISKS Digest and someone dug up an Apple description of the security mechanisms that covers the phone in question.  Here it is:

"Every iOS device has a dedicated AES 256 crypto engine built into the DMA
path between the flash storage and main system memory, making file
encryption highly efficient."

"The device's unique ID (UID) and a device group ID (GID) are AES 256-bit
keys fused into the application processor during manufacturing.  No software
or firmware can read them directly; they can see only the results of
encryption or decryption operations performed using them. The UID is unique
to each device and is not recorded by Apple or any of its
suppliers. ... Burning these keys into the silicon prevents them from being
tampered with or bypassed, and guarantees that they can be accessed only by
the AES engine."

The way in which the passcode is combined with the UID/GID isn't described but that's pretty simple stuff.

So you can clone the SSD and even the RAM of a locked device all you like:  It's useless to you without the information in the CPU chip, which you can't clone (without specialized, expensive attacks against the hardware).

                                                        -- Jerry
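
Added example, not part of the original message and not Apple's actual scheme: a toy model of the argument above, in which a passcode-derived key is tangled with a UID that only the chip's engine can use, so a cloned flash image cannot be unlocked on any other chip even when the whole 4-digit passcode space is tried. The tangling construction, the `CryptoEngine` class, the use of HMAC-SHA256 in place of the AES engine, the low iteration count, and the passcode `4071` are all assumptions made for illustration.

```python
import hashlib
import hmac
import os


class CryptoEngine:
    """Stand-in for the on-chip engine: holds a fused 256-bit UID that callers
    can use but never read. HMAC-SHA256 substitutes for AES (assumption)."""

    def __init__(self):
        self.__uid = os.urandom(32)  # constructed value, never exported

    def transform(self, data: bytes) -> bytes:
        # Software only ever sees the result of an operation keyed by the UID.
        return hmac.new(self.__uid, data, hashlib.sha256).digest()


def derive_key(engine: CryptoEngine, passcode: str, salt: bytes) -> bytes:
    # Assumed tangling: stretch the passcode, then pass it through the UID.
    # 100 iterations keeps the demo fast; it is not a recommended work factor.
    stretched = hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 100)
    return engine.transform(stretched)


def enroll(engine: CryptoEngine, passcode: str) -> dict:
    """Return what ends up on flash: a salt and a key-check value."""
    salt = os.urandom(16)
    key = derive_key(engine, passcode, salt)
    return {"salt": salt, "check": hmac.new(key, b"check", hashlib.sha256).digest()}


def search(engine: CryptoEngine, flash: dict):
    """Try every 4-digit passcode against a flash image using `engine`."""
    for n in range(10_000):
        guess = f"{n:04d}"
        key = derive_key(engine, guess, flash["salt"])
        check = hmac.new(key, b"check", hashlib.sha256).digest()
        if hmac.compare_digest(check, flash["check"]):
            return guess
    return None


if __name__ == "__main__":
    phone = CryptoEngine()
    flash_image = dict(enroll(phone, "4071"))  # the cloned flash contents
    other_chip = CryptoEngine()                # any CPU without that UID
    print("on the original chip:", search(phone, flash_image))
    print("on a different chip: ", search(other_chip, flash_image))
```

In this model every guess has to go through the original chip's engine, which is the one place where guess limits and delays can be enforced.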


