[Cryptography] 9999 keys for this one iPhone

Tom Mitchell mitch at niftyegg.com
Mon Feb 29 21:22:43 EST 2016


On Mon, Feb 29, 2016 at 5:04 PM, Tony Arcieri <bascule at gmail.com> wrote:

> On Mon, Feb 29, 2016 at 1:55 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
>
>> With a four number PIN there are 9999 keys for the
>> data on the phone.  All other secrets are constants.
>>
>> The net is the device can encrypt data with
>> a small set of possible keys. Only the PIN is a variable
>> for a given device.
>>
>
> The UID key is unique-per-device too. There are more potential keys for
> iPhones than there are atoms in the universe.
>

My point is that this one individual device (singular) has a limited set of
keys that it will employ to encrypt any data.

Given a binary dump of an encrypted phone with no additional
information it is a problem of more keys than the atoms in the
universe. Not the case for an individual phone however.

The atoms of the universe do not apply if you are Apple.
A large part of the key space is fixed by the fixed Apple
device secrets. Apple has no record of the device internal ID and
no knowledge of the PIN, but their secret does limit the key space
used in all phones of the same type.

The limited set of keys is generated from three things: the device unique
id, Apple's secret key (the same on all like phones) and the user controlled PIN.

Once the binary contents of the encrypted file system are pulled
from the flash device, should the device be connected to a computer
or phone network it will reset, reboot, reload and operate with the same
internal secrets it has always had.
Setting the four number PIN will start encrypting the phone in one of the
10000 possible ways that this one phone can use in this mode.

Is there any component of the encrypted data that can validate
or dismiss the key and move on to the next?

Simple tricks might change the 10000 to many many more with
a little effort at boot time.

> You might try reading Matt Green's blog post:
>
>
> http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html
>

Thanks for the link.

>
> --
> Tony Arcieri
>

This is interesting:
   "If the cracking is done on the device itself, it
    would take 5½ years for a 6 character lowercase/digit password."
And obviously if the pass key was a 4 number PIN the time could be less.

Summary: cracking AES is very hard, unless you can peel off most of the key
bits into a constant known to the hardware.

-- 
  T o m    M i t c h e l l
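The three-input derivation discussed in this thread, as an added toy model written for this page (not Apple's design or code): the UID, GID and iteration count are constructed values, the "AEAD" is a stand-in built from HMAC, and the per-guess cost is read off the quoted 5½-year figure assuming a 36-symbol lowercase/digit alphabet. It shows why the candidate set for one phone in hand collapses to the PIN space, what lets a candidate be confirmed or dismissed (the authentication tag), and why per-guess cost is the lever defenders have.

```python
import hashlib
import hmac
import os

# Constructed constants for the model; not Apple's real algorithm, values or parameters.
DEVICE_UID = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")  # per device, fused in silicon
APPLE_GID = bytes.fromhex("00112233445566778899aabbccddeeff")  # shared by all phones of a model
ITERATIONS = 20_000  # assumed key-stretching count, chosen so the example runs quickly

# Per-guess cost implied by the quoted figure: 36**6 passwords in 5.5 years (assumption).
SECONDS_PER_GUESS = 5.5 * 365 * 86400 / 36 ** 6


def derive_key(uid: bytes, gid: bytes, pin: str, iterations: int = ITERATIONS) -> bytes:
    """One device, one PIN -> one 256-bit key. Only `pin` varies for a given handset."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), uid + gid, iterations, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), "sha256").digest()
                    for i in range(blocks))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC toy AEAD. Returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes):
    """The component the thread asks about: the tag validates or dismisses a key.
    Returns the plaintext, or None when the tag does not verify under `key`."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        return None
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, nonce, len(ct))))


def candidates_for_one_device(pin_digits: int) -> int:
    """With UID and GID fixed for the phone in hand, the candidate set is the PIN space."""
    return 10 ** pin_digits


def exhaust_seconds(pin_digits: int, seconds_per_guess: float = SECONDS_PER_GUESS) -> float:
    """Worst-case time to try every PIN at the quoted on-device rate (about 13 min for 4 digits)."""
    return candidates_for_one_device(pin_digits) * seconds_per_guess
```

Raising `ITERATIONS`, tying the work to hardware that refuses to run off-device, or adding digits all scale `exhaust_seconds` linearly or exponentially; that is the "simple trick at boot time" in quantified form.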