[Cryptography] iPhone hardware attacks

Jerry Leichter leichter at lrw.com
Wed Mar 2 15:38:02 EST 2016


> I keep wondering what the odds are that the NSA has no method
> available to decap the chips within an iPhone and extract secret
> keying material. I suspect they must be able to do that, even from one
> of the more modern iPhones with hardware based security modules.
The NSA can almost certainly do this, if they feel the need (or are just making sure they have the capability ready to go should a need arise).  It's possible to make hardware that is extremely resistant to any such probing, but it's expensive, difficult and of course new attacks always emerge - see your own posting a little earlier about side-channel attacks - so what's secure today has to be updated tomorrow.  Security has to start with a threat model, and building an iPhone to consider the threat model of physical attacks by the NSA would make no sense.

Then again, up until the iPhone 5, the threat model didn't consider someone fairly sophisticated in long-term physical possession of the phone.  And until this case the threat model didn't include the possibility of Apple being ordered to break the security mechanisms.  It's clear that thread models are growing....

> This brings up another question. FBI officials have testified under
> oath that there is no government agency that can extract such
> information on their behalf. Is that very careful spin, willful
> ignorance, or simple perjury?
I suspect this is one of those "maximum possible truth" things where if you parse it really carefully, you discover they haven't said quite what you think they said.  For example, it might be the case that NSA has the capability to do this, but the lawyers have rendered an opinion saying that they are legally not allowed to do it.  So that falls within "can".

Or NSA may simply consider their capabilities so secret that no one within the FBI is cleared even to be told what they can do, so when FBI asks NSA the answer  that comes back is always "we can't comment".

Since it's clear that the FBI considers this a wonderful test case, they have little incentive to get as full an answer as possible.

                                                        -- Jerry



More information about the cryptography mailing list