Slashdot Mirror

← Back to Stories (view on slashdot.org)

DOJ Says iPhone Is So Secure They Can't Crack It

Posted by samzenpus on from the too-hard dept.

zacharye writes "In the five years since Apple launched the iPhone, the popular device has gone from a malicious hacker's dream to law enforcement's worst nightmare. As recounted by the Massachusetts Institute of Technology's Technology Review blog, a Justice Department official recently took the stage at the DFRWS computer forensics conference in Washington, D.C. and told attendees that the beefed up security in iOS is now so good that it has become a nightmare for law enforcement."

17 of 454 comments (clear)

  1. Re:I don't believe it by TheLandyman · · Score: 5, Informative

    I believe, as of iPhone 3GS, it does.. but I'm too lazy to google and confirm.

  2. Re:I don't believe it by Anonymous Coward · · Score: 5, Informative

    Wrong.
    It uses full disk encryption. However, that can be circumvented quite easily with a jailbreak (if one exists).

    However, there is a second encryption system. This system derives the keys from your passcode and a key that is stored within a secure element on the iPhone. Thus, you need to know the Passcode of the iPhone in order to decrypt those files. Since, the key derivation function is tied to the passcode and the key within the secure element you cannot offload the brute-force attack to external machines, you need to do it on the iPhone. This means that a brute-force attack on a 4-digit PIN takes about 20 minutes (ok, that's not much), but when you consider complex PINs with 5 or more characters you are soon at 50 days (don't have the exact numbers in my mind right now, but there is a good presentation on that).

    Downturn: You must rely on the app developer to chose the right protection class for the files. If he doesn't then you are down to the rather insecure full-disk-encryption, and you need to chose a longer Passcode...

  3. Re:I don't believe it by Anonymous Coward · · Score: 4, Informative

    > "As far as I know the iphone doesn't use full disk encryption."

    And because you don't know if it does that means it doesn't, right?

    http://support.apple.com/kb/HT4175

    Full device encryption has been available since the 3GS, when they added in hardware encryption support to their iOS products.

    Before speaking on a subject you know absolutely nothing about you should do a little research on it first.

  4. Umm.. what? by Vellmont · · Score: 5, Informative

    5 minutes ago I knew nothing of Apples full disk encryption. Now I find an article that states:

    The release of the iPhone 3GS (and later iPod Touch 3rd Generation) brought hardware-based full disk encryption (FDE) to the iPhone. This was designed to accomplish one thing: instantaneous remote wipe. While the iPhone 3G had to overwrite every bit in flash memory (sometimes taking several hours), disk wiping on the 3GS worked by simply erasing the 256-bit AES key used to encrypt the data.

    Unfortunately, disk encryption on the iPhone did little beyond enabling remote wipe. Mobile forensicator Jonathan Zdziarski found that the iPhone OS automatically decrypts data when a request for data is made, effectively making the encryption worthless for protecting data.

    http://anthonyvance.com/blog/forensics/ios4_data_protection/

    So I'd say I'm just VERY skeptical that the DOJ can't crack something that wasn't really designed with any security in mind in the first place. Either that, or the DOJ has nobody with any skills whatsoever.

    --
    AccountKiller
  5. Re:Oblig xkcd by cpu6502 · · Score: 4, Informative

    Hitting people with wrenches is forbidden by the Bill of Rights.

    --
    My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
  6. Re:I don't believe it by wvmarle · · Score: 4, Informative

    According to TFA, encryption and decryption is now available and built in in the hardware even. So it's become computationally cheap. The AES key is also burned in silicon, making it impossible to get to.

    But as usual the weakest link is the user's password, in this case a PIN. A typical 4-digit PIN can be cracked (using special software to prevent phone from wiping itself after ten failed attempts) in a matter of minutes; one needs an 8-digit PIN to be reasonably secure (average 15 years for a brute-force attack).

  7. Re:TWO WORDS by Baloroth · · Score: 5, Informative

    Isn't the iCloud stuff (specifically, the device backups) also AES encrypted with a key Apple doesn't have? I will have to dig up the article, but I'm pretty sure I saw that.

    No.

    --
    "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
  8. Re:TWO WORDS by poetmatt · · Score: 5, Informative

    quite the opposite, apple holds the key - so all it takes is a gov't request to apple and they have the master key.

    http://arstechnica.com/apple/2012/04/apple-holds-the-master-key-when-it-comes-to-icloud-security-privacy/
    http://arstechnica.com/apple/2012/04/can-apple-give-police-a-key-to-your-encrypted-iphone-data-ars-investigates/

    Given their policies regarding a number of things which are dinosaur-era, we don't have an answer to whether or not they will give it away or not. I don't know that an official statement has ever been made by apple. The question is - do you want to trust that information with apple? Specifically: 100% uncertainty? That's not a "apple is evil, apple is not evil".

  9. Re:Government Computer Skillz by Anonymous Coward · · Score: 5, Informative

    The burden of proof is on you, not them, under UK law, provided they can prove you ever had access to the password.

    Or to put it another way, you are responsible for maintaining accurate records of every encryption passphrase you ever use.

    Enjoy your SSH session keys.

  10. Re:Government Computer Skillz by Migraineman · · Score: 4, Informative

    They don't need to. That's what "Contempt of Court" is for - toss you in the clink until your memory improves.

  11. Re:I don't believe it by dgatwood · · Score: 4, Informative

    That's because the password-protected encryption doesn't encrypt the whole disk. It encrypts individual files. There is a full-disk encryption key, but its purpose is to make wiping the device a single block write operation (overwrite the key) instead of a complete wipe of tens of gigabytes.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  12. Re:TWO WORDS by blueg3 · · Score: 4, Informative

    I can't help but wonder the purpose of a DOJ statement like his being made public.

    It was a higher-up in the DoJ (specifically, Ovie Carroll) discussing challenges in digital forensics (at a conference on digital forensics). It was a brief mention in a larger talk and a fact that does not surprise anyone in the field. It's well-known that pulling data off of an iPhone can be a real pain in the ass. (IMO, I would consider Android worse, as there is not yet a reliable technique that can pull data off of an unrooted phone without modifying the phone's data, and data modification -- even when justified and documented -- is a big problem in some jurisdictions.)

  13. Re:Oblig xkcd by Hatta · · Score: 5, Informative

    Only if done as punishment. According to Scalia, as long as it's not punishment, torture is constitutional.

    STAHL: If someoneâ(TM)s in custody, as in Abu Ghraib, and they are brutalized, by a law enforcement person â" if you listen to the expression âoecruel and unusual punishment,â doesnâ(TM)t that apply?

            SCALIA: No. To the contrary. You think â" Has anybody ever referred to torture as punishment? I donâ(TM)t think so.

            STAHL: Well I think if youâ(TM)re in custody, and you have a policeman whoâ(TM)s taken you into custodyâ"

            SCALIA: And you say heâ(TM)s punishing you? Whatâ(TM)s he punishing you for? ⦠When heâ(TM)s hurting you in order to get information from you, you wouldnâ(TM)t say heâ(TM)s punishing you. What is he punishing you for?

    --
    Give me Classic Slashdot or give me death!
  14. Re:Umm.. what? by bill_mcgonigle · · Score: 5, Informative


    Last time I checked, the government can't lie. It can only deny.

    Sorry, incorrect. Go watch "Don't talk to police" on YouTube. Required viewing for US residency.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  15. Re:Government Computer Skillz by Hatta · · Score: 5, Informative

    In the U.S., the 5th Amendment prevents someone from being required to turn over their password.

    This is still unsettled. The 11th Circuit Court has ruled that passwords are protected under the 5th amendment. However the 10th Circuit has chosen not to intervene in a lower court decision that forced a woman to decrypt her laptop.

    This is going to have to go to the Supreme Court eventually, and I think you can guess how the fascist majority of justices will decide.

    --
    Give me Classic Slashdot or give me death!
  16. Re:Government Computer Skillz by Hatta · · Score: 4, Informative

    Wikipedia sez:

    In civil contempt cases there is no principle of proportionality. In Chadwick v. Janecka (3d Cir. 2002), a U.S. court of appeals held that H. Beatty Chadwick could be held indefinitely under federal law, for his failure to produce US$ 2.5 mill. as state court ordered in a civil trial. Chadwick had been imprisoned for nine years at that time and continued to be held in prison until 2009, when a state court set him free after 14 years, making his imprisonment the longest on a contempt charge to date.

    --
    Give me Classic Slashdot or give me death!
  17. Re:TWO WORDS by DJRumpy · · Score: 5, Informative

    FYI, this is the source of the summary quotes (adhoc as they are) and also addresses other questions regarding device security as opposed to iCloud security which has nothing to do with the linked articles.

    "I can tell you from the Department of Justice perspective, if that drive is encrypted, you're done," Ovie Carroll, director of the cyber-crime lab at the Computer Crime and Intellectual Property Section in the Department of Justice, said during his keynote address at the DFRWS computer forensics conference in Washington, D.C., last Monday. "When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted you have lost any chance of recovering that data."

    At the heart of Apple's security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.

    Apple did not respond to requests for comment on this story. But the AES key in each iPad or iPhone "is unique to each device and is not recorded by Apple or any of its suppliers," the company said in a security-related white paper. "Burning these keys into the silicon prevents them from being tampered with or bypassed, and guarantees that they can be access only by the AES engine."

    It also notes the key here, that while the device is powered on, it is still possible to obtain the key from memory, but once the device is turned off, the key is lost. It also notes that the decryption key itself is encrypted by the device pin, meaning an easy pin is an easily decrypted device. This is true for any mobile device, and a good reason to enable a strong ping instead of the default 4 char code seen on most devices.

    What I found curious about the article is that they didn't emphasize this point. Video's of police decrypting a device due to a weak 4 pin character lock within a matter of seconds are available for any number of devices. I am curious how much additional computing power is needed to decrypt a device for each character added to the unlock sequence.