What did 👮 want from 🍏?

What did 👮 want from 🍏?

A brief look into some technical details of the FBI/Apple case covering bits of iOS encryption.

8162cb1dea89b7041ba5d67d1c5a01f2?s=128

Johannes Weiss

March 31, 2016
Tweet

Transcript

  1. What did ! want from ! ?

  2. None
  3. Disclaimer All the information is my interpretation of the iOS

    Security Guide
  4. Effaceable Storage • how to truly erase something from an

    SSD? (source: http:/ /lwn.net) • Apple's solution: small chunk of memory not subject to wear leveling
  5. Metadata • encrypted with random key created on install •

    not for confidentiality • in Effaceable Storage • ! • ✅ FBI knows that one
  6. Files The content of a file is encrypted with a

    per-file key, which is wrapped with a class key and stored in a file’s metadata — iOS Security Guide FBI needs the file key ( ) 1. ✅ — the file they want to decrypt 2. ✅ — the file system key 3. ❌ — the mysterious class key
  7. Class Key The class key is protected with the hardware

    UID and, for some classes, the user’s passcode. — iOS Security Guide • hardware UID: AES 256-bit key fused into the application processor • No software or firmware can read them directly • see only the results of encryption or decryption operations performed by dedicated AES engines
  8. Class Key, contd. 1. ❌ ❌ — !" 2. #

    3. ❌ 4. , , ..., ? 10000 possibilities — !$ 5. how to we access the AES engine?
  9. iOS Kernel* ✅ ✅ ❌ So the only protection* is

    that the FBI can't easily run code in kernel mode. *) on older devices (up until iPhone 5C)
  10. So why !"?

  11. Ways to get around it • jail break • prevent

    SSD from being erased & try • crypto vulnerability • acid + focussed ion beam ? • reboot early & try ? • ???
  12. Thank you! ! Questions❓ @johannesweiss !

  13. Links • iOS Security Guide — https:/ /goo.gl/DJvK0F — https:/

    / www.apple.com/business/docs/iOSSecurityGuide.pdf • Crypto Stack Question — http:/ /goo.gl/4oN1rY — http:/ / crypto.stackexchange.com/questions/32886/why-does-the-fbi- ask-apple-for-help-to-decrypt-an-iphone