[Cryptography] Of crypto and the iPhone

Jerry Leichter leichter at lrw.com
Sat Dec 4 09:37:16 EST 2021

> I decided to replace [the battery in my iPhone] myself rather than send it to a 
> dealer; seemed easy enough, right?  Quite a number of videos on the 'net 
> explaining the process, step by step.
> Well, in the process I managed to damage one of those flimsy cables that 
> abounded within because the digitiser no longer worked; they are really 
> fragile.
> So, a new screen was called for; no problemo, and they are readily 
> available; this is where the brown stuff hit the fan...  The fingerprint 
> ID was as dead as a dodo (not even being seen by iOS), but the home button 
> still worked; odd, because they share the same cable.
> To cut a long story short, it seems that the screen and body are bonded 
> together like Siamese twins with a cryptographic exchange....
This fact has been documented for quite some time.  Apple has increasingly tied components together.  The fingerprint detector and the CPU were among the first - iPhone 7 or so time frame.  Apple says this is necessary for security.  In the specific case of the fingerprint scanner and the CPU, there are reasonable arguments to be made that this is the case:  It prevents replay attacks against the output of the scanner.  In other cases, the arguments are weaker.  When the iPhone 13 came out, it was quickly discovered that changing the screen disabled FaceID.  There was a lot of wailing and moaning, Apple announced that that was a bug, and the most recent OS updates have removed the limitation.

Apple has a whole discussion, which I can't now find, of levels of trust its software will place in different situations.  This has become particularly relevant since Apple added a fingerprint sensor to its latest wireless keyboard.  This is the first time that the fingerprint sensor is physically separate from the device it connects to, much less connected over a wireless link.  So there are specific steps taken to ensure it's trustworthy.  There are other, similar things - e.g., you can use your Apple watch to unlock your Mac, but the trust connection is valid only as long as the watch stays on your wrist.

Apple, obviously, has specialized equipment to pair a CPU with phone fingerprint sensor.  They highly restrict who can get access to it.

Security developments are revealing interesting contradictions.  Not so long ago, I could do anything I wanted on my own computer.  Applications I ran had all the access I had.  These days, it's all about sandboxing to limit everything to the absolute minimum access, because the open access of days gone by allowed too many attacks.  On the latest Mac OS's, system directories are mounted read-only and only specially privileged (by Apple) process can modify them.  You can still get around that by rebooting in a special mode, disabling the feature, and rebooting again - but it's not something you're going to do regularly.  (Yes, this stuff is derived from ideas implemented in other systems going back years.)  On phones, the vulnerabilities are seen as much more significant (your phone is a much more personal device) and the need to get around the security controls is seen as much less important ... so there *is* no supported way to do it, and the unsupported jailbreaks are seen as serious bugs and fixed as soon as possible.  But ... this has led to comments from security researchers that when attacks *do* occur, they themselves get hidden by the same security features that, when they work as intended, keep you safe! 

Anyway:  I know of no work-around for the problem you've run into.  Only Apple (or some authorized repair services) can re-pair the fingerprint sensor and the CPU in your phone.
                                                        -- Jerry

More information about the cryptography mailing list