Apple’s iOS 4 hardware encryption has been cracked - adeelarshad82
http://www.geek.com/articles/chips/apples-ios-4-hardware-encryption-has-been-cracked-20110525/

======
pilif
The encryption hasn't quite been cracked. This tool is just brute-forcing the
passcode, which by default is 4 digits long, so it wouldn't take that long to
brute-force that anyways.

Also, the tool seems to perform an online attack with the phone connected,
which means that Apple will be able to stop this from going on.

Seeing that only an online attack can be done hints at the fact that the key
derivation method that turns the 4 digit passcode into the AES key isn't known
(yet).

I'd say that you are (still) pretty safe if you use the longer password
instead of the passcode, and as long as the tool requires the phone to be
connected, we can count on Apple patching the issue.

It's funny how these articles always talk about having "cracked the AES
encryption" when all they do is brute-force a password.

~~~
r00fus
This is why I'm happy that Android has some interesting password entry
mechanisms that only exist for the iPhone in the jailbreak arena.

Apple really needs to embrace a non-PIN style password and make a way to login
that's not a pain in the ass. A friend has an iPhone with a 9-character pass..
it's secure but impossible to use since it takes about 10 seconds to unlock
each time... if the user can't be bothered to put a master password because
it's not usable to do so, then it almost doesn't matter if there's hardware
encryption anyway.

Compared with Google, Apple's views on security are weak. It's like comparing
Google's "customer support" to Apple's... demonstrably weaker.

~~~
pygy_
How many swipes are required to unlock your Android phone? Is there an upper
limit? Also, how many hot spots are there on the screen (I assume it's not a
free-hand gesture...)?

~~~
tedunangst
The swipe unlock on every Android phone I've seen in practice could be
represented as a four digit number (actually less, since there's no zero and
no repeats IIRC). The only difference I can see between a swipe and a digit is
you hold your thumb down and it looks more futuristic.

------
X-Istence
I don't think that this is brute-forcing the passcode at all, rather I think
it is brute-forcing another method to locking the iPhone, namely that of
iTunes...

iTunes has a special file on your computer that when you plug in your phone
will allow it to start syncing data to and from your phone (including making
backups) without requiring you to unlock it.

What I believe they are doing is actually brute-forcing the required entry
code for that. Once you get that code (and there is no limit to how many times
you can try) you get full access to the phone, including that bit-for-bit copy
they are talking about.

Apparently the key space is small enough that it is easy enough to
brute-force.

In that case it doesn't matter what kind of protection you use, whether it is
the pass code lock, or the alphanumeric that they introduced on the iPhone 4
(IIRC).

Note that all of this is speculation, I have no inside knowledge, but that is
how _I_ would go about attacking the iPhone.

------
sdz
So... you can use brute force to break encryption? Is that news? It doesn't
sound like there was any security hole in the implementation or a leaked
cryptographic key, so in what sense is the encryption "cracked"?

~~~
smackfu
I think it is more that someone is now selling a purpose-built software
solution to brute force iPhones, that governments and other interested parties
can buy.

------
hsmyers
Seems to me that the maxim 'put nothing on the internet that you don't want
exposed' should be applied to cell phones as well. Given the decreasing
protection provided by the courts, this sort of tool will be used more and
more often. Those who talk of unreasonable search and seizure need to pay
attention to today's realities.

~~~
bad_user

    put nothing on the internet that you don't want exposed

IMHO, it's not the exposure I'm worried about, but the discrimination that
follows. Getting drunk at a party and posting pictures on Facebook should not
be grounds for you getting rejected at an interview.

Also, talking about exposure, companies that found/asked for my social
security number or home address, then exposed it on the Internet, should not
be surprised when I sue them for huge amounts of money (I'm doing it right now
and the only question is how much money I can win).

~~~
ghshephard
"Getting drunk at a party and posting pictures on Facebook should not be
grounds for you getting rejected at an interview."

I agree with the OP - If you don't want to be discriminated against, keep it
off the internet, or it can be used against you.

The only exceptions that I can think of would be those aspects that are
considered "protected" - I'm in the rather liberal (but at-will-employment)
California, so that includes (at last count; they've probably added more)
"age (if over 35), ancestry, color, race, sex (gender), religion, national
origin, marital status, physical or mental disability, medical condition, or
sexual orientation." Everything else is fair game. And certainly, drunk
pictures of you on Facebook would fall within the realm that an employer might
reasonably discriminate against you.

If you don't want it used against you, don't place it on the internet, despite
the level of protection/encryption/privacy policy you think you have
protecting you. The elcomsofts of the world are likely to make your private
information less so more quickly than you would think.

~~~
yuhong
On that matter, I had a list of bad practices in HR that cause most of the
problems here:
http://news.slashdot.org/comments.pl?sid=2082332&cid=35811494

------
VengefulCynic
It would seem that this "crack" could simply be circumvented by using an
alphanumeric password and/or setting the iPhone to shred its crypto key after
10 consecutive password failures. Obviously, neither of these are standard
features, but both are available.

~~~
rimantas
I guess that by "_neither of these are standard features_" you mean "not on
by default". It's two clicks in settings to turn these on.

~~~
omh
Or two clicks for your corporate sysadmin to _force_ it :-)

~~~
Splines
Yay. Exchange policies + toddlers = fun times

This is why I don't sync my phone to my work email. It's just not worth it.

------
omh
Why does the iPhone talk to anything on the data port without entering the
passcode first?

It seems like this is reading the encrypted data and then brute forcing it,
but there's no need to give access to even the 'secure' data without asking
the user to enter the passcode. Then you can check for 10 incorrect codes and
wipe the device if necessary. (I believe this is how the Blackberry handles
things)
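A toy model of the two points pilif and omh raise above: the passcode key is derived with a secret that never leaves the device (so guessing can only happen with the phone attached), and a failure counter wipes the wrapped data key after 10 wrong passcodes. This is an added example, not code from the article or from Apple; the per-device secret, the XOR wrap and the KDF cost are assumptions of the model.

```python
import hashlib
import hmac
import secrets

PIN_SPACE = 10_000       # every 4-digit passcode, the keyspace pilif's comment refers to
MAX_FAILURES = 10        # the "erase after 10 failed attempts" setting from the thread
KDF_ITERATIONS = 20_000  # constructed cost; only the relative keyspace matters here


class Device:
    """Toy model (not Apple's implementation) of passcode-protected user data."""

    def __init__(self, passcode: str):
        # Hypothetical per-device secret burned into hardware; never readable from outside.
        self._uid_key = secrets.token_bytes(32)
        # Key that actually protects user data; kept only in wrapped form.
        class_key = secrets.token_bytes(32)
        k = self._derive(passcode)
        self._wrapped = bytes(a ^ b for a, b in zip(k, class_key))  # toy XOR wrap
        self._tag = hmac.new(k, self._wrapped, "sha256").digest()   # lets unlock() verify a guess
        self.failures = 0
        self.wiped = False

    def _derive(self, passcode: str) -> bytes:
        # Mixing in the device secret means the passcode key can only be computed on the device.
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._uid_key, KDF_ITERATIONS)

    def unlock(self, passcode: str):
        """Return the class key on success, None on failure; wipe after MAX_FAILURES."""
        if self.wiped:
            return None
        k = self._derive(passcode)
        if hmac.compare_digest(hmac.new(k, self._wrapped, "sha256").digest(), self._tag):
            self.failures = 0
            return bytes(a ^ b for a, b in zip(k, self._wrapped))
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.wiped = True
            self._wrapped = self._tag = b""  # wrapped key discarded: data is unrecoverable
        return None


def exhaust_pins(device: Device) -> tuple:
    """Feed every 4-digit passcode to the device; report attempts made and whether it wiped."""
    for n in range(PIN_SPACE):
        if device.unlock(f"{n:04d}") is not None:
            return n + 1, device.wiped
        if device.wiped:
            return n + 1, True
    return PIN_SPACE, device.wiped
```

With the wipe limit in place the full enumeration never gets past 10 guesses; without it, a 4-digit passcode falls within the 10,000 tries the thread mentions.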

------
schmidp
Will this also work if one has his iPhone set to delete its crypto keys after
10 failed attempts?

------
RexRollman
I was under the impression that not all user data is encrypted on an iOS 4
device, mainly just the user data of apps from Apple that are included with
the device.

Does Apple's iOS provide for encryption of all user data? Or is it the case
that the app's developer has to avail himself of an API to make this happen?

~~~
r00fus
Correct, although Apple does provide an API to use the hardware encryption.
Most apps do NOT use it.

If you're paranoid, you can make most data reasonably secure by using the
built-in apps and apps like StashPro (which does use the hardware crypto API).
This includes putting a decent length password, which is also hard to use.

Full-device encryption backed by hardware would be really great. IIRC, that's
not possible on either iOS or Android right now (not sure about other
platforms).

------
ritonlajoie
Does it mean anything for the iPad 2 jailbreak? I'm confused... It seems the
encryption keys are in the chip in these iPads, so I wonder if this article
means that they could get the keys from the hardware? If so, how is it
related to an OS in particular?

------
guan
Hopefully Remote Wipe will still work by shedding the keys altogether.

~~~
GiraffeNecktie
Remote wipe wouldn't work if network access was disabled.

~~~
guan
Of course, I meant, hopefully a successful remote wipe will prevent this
method from working. (A number of things could go wrong, including no signal,
MobileMe being down, etc.)