DOJ Says iPhone Is So Secure They Can't Crack It

zacharye writes "In the five years since Apple launched the iPhone, the popular device has gone from a malicious hacker's dream to law enforcement's worst nightmare. As recounted by the Massachusetts Institute of Technology's Technology Review blog, a Justice Department official recently took the stage at the DFRWS computer forensics conference in Washington, D.C. and told attendees that the beefed up security in iOS is now so good that it has become a nightmare for law enforcement."

Re:I don't believe it

[TheLandyman]

I believe, as of iPhone 3GS, it does.. but I'm too lazy to google and confirm.

Re:I don't believe it

Wrong.
It uses full disk encryption. However, that can be circumvented quite easily with a jailbreak (if one exists).

However, there is a second encryption system. This system derives the keys from your passcode and a key that is stored within a secure element on the iPhone. Thus, you need to know the Passcode of the iPhone in order to decrypt those files. Since, the key derivation function is tied to the passcode and the key within the secure element you cannot offload the brute-force attack to external machines, you need to do it on the iPhone. This means that a brute-force attack on a 4-digit PIN takes about 20 minutes (ok, that's not much), but when you consider complex PINs with 5 or more characters you are soon at 50 days (don't have the exact numbers in my mind right now, but there is a good presentation on that).

Downturn: You must rely on the app developer to chose the right protection class for the files. If he doesn't then you are down to the rather insecure full-disk-encryption, and you need to chose a longer Passcode...

Umm.. what?

[Vellmont]

5 minutes ago I knew nothing of Apples full disk encryption. Now I find an article that states:

The release of the iPhone 3GS (and later iPod Touch 3rd Generation) brought hardware-based full disk encryption (FDE) to the iPhone. This was designed to accomplish one thing: instantaneous remote wipe. While the iPhone 3G had to overwrite every bit in flash memory (sometimes taking several hours), disk wiping on the 3GS worked by simply erasing the 256-bit AES key used to encrypt the data.

Unfortunately, disk encryption on the iPhone did little beyond enabling remote wipe. Mobile forensicator Jonathan Zdziarski found that the iPhone OS automatically decrypts data when a request for data is made, effectively making the encryption worthless for protecting data.

http://anthonyvance.com/blog/forensics/ios4_data_protection/

So I'd say I'm just VERY skeptical that the DOJ can't crack something that wasn't really designed with any security in mind in the first place. Either that, or the DOJ has nobody with any skills whatsoever.

Re:TWO WORDS

[Baloroth]

Isn't the iCloud stuff (specifically, the device backups) also AES encrypted with a key Apple doesn't have? I will have to dig up the article, but I'm pretty sure I saw that.

No.

Re:TWO WORDS

[poetmatt]

quite the opposite, apple holds the key - so all it takes is a gov't request to apple and they have the master key.

http://arstechnica.com/apple/2012/04/apple-holds-the-master-key-when-it-comes-to-icloud-security-privacy/
http://arstechnica.com/apple/2012/04/can-apple-give-police-a-key-to-your-encrypted-iphone-data-ars-investigates/

Given their policies regarding a number of things which are dinosaur-era, we don't have an answer to whether or not they will give it away or not. I don't know that an official statement has ever been made by apple. The question is - do you want to trust that information with apple? Specifically: 100% uncertainty? That's not a "apple is evil, apple is not evil".

Re:Government Computer Skillz

The burden of proof is on you, not them, under UK law, provided they can prove you ever had access to the password.

Or to put it another way, you are responsible for maintaining accurate records of every encryption passphrase you ever use.

Enjoy your SSH session keys.

Re:Oblig xkcd

[Hatta]

Only if done as punishment. According to Scalia, as long as it's not punishment, torture is constitutional.

STAHL: If someoneâ(TM)s in custody, as in Abu Ghraib, and they are brutalized, by a law enforcement person â" if you listen to the expression âoecruel and unusual punishment,â doesnâ(TM)t that apply?

        SCALIA: No. To the contrary. You think â" Has anybody ever referred to torture as punishment? I donâ(TM)t think so.

        STAHL: Well I think if youâ(TM)re in custody, and you have a policeman whoâ(TM)s taken you into custodyâ"

        SCALIA: And you say heâ(TM)s punishing you? Whatâ(TM)s he punishing you for? ⦠When heâ(TM)s hurting you in order to get information from you, you wouldnâ(TM)t say heâ(TM)s punishing you. What is he punishing you for?

Re:Umm.. what?

[bill_mcgonigle]

Last time I checked, the government can't lie. It can only deny.

Sorry, incorrect. Go watch "Don't talk to police" on YouTube. Required viewing for US residency.

Re:Government Computer Skillz

[Hatta]

In the U.S., the 5th Amendment prevents someone from being required to turn over their password.

This is still unsettled. The 11th Circuit Court has ruled that passwords are protected under the 5th amendment. However the 10th Circuit has chosen not to intervene in a lower court decision that forced a woman to decrypt her laptop.

This is going to have to go to the Supreme Court eventually, and I think you can guess how the fascist majority of justices will decide.

Re:TWO WORDS

[DJRumpy]

FYI, this is the source of the summary quotes (adhoc as they are) and also addresses other questions regarding device security as opposed to iCloud security which has nothing to do with the linked articles.

"I can tell you from the Department of Justice perspective, if that drive is encrypted, you're done," Ovie Carroll, director of the cyber-crime lab at the Computer Crime and Intellectual Property Section in the Department of Justice, said during his keynote address at the DFRWS computer forensics conference in Washington, D.C., last Monday. "When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted you have lost any chance of recovering that data."

At the heart of Apple's security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.

Apple did not respond to requests for comment on this story. But the AES key in each iPad or iPhone "is unique to each device and is not recorded by Apple or any of its suppliers," the company said in a security-related white paper. "Burning these keys into the silicon prevents them from being tampered with or bypassed, and guarantees that they can be access only by the AES engine."

It also notes the key here, that while the device is powered on, it is still possible to obtain the key from memory, but once the device is turned off, the key is lost. It also notes that the decryption key itself is encrypted by the device pin, meaning an easy pin is an easily decrypted device. This is true for any mobile device, and a good reason to enable a strong ping instead of the default 4 char code seen on most devices.

What I found curious about the article is that they didn't emphasize this point. Video's of police decrypting a device due to a weak 4 pin character lock within a matter of seconds are available for any number of devices. I am curious how much additional computing power is needed to decrypt a device for each character added to the unlock sequence.