$30 off During Our Annual Pro Sale. View Details »

What did 👮 want from 🍏?

What did 👮 want from 🍏?

A brief look into some technical details of the FBI/Apple case covering bits of iOS encryption.

Johannes Weiss

March 31, 2016
Tweet

More Decks by Johannes Weiss

Other Decks in Programming

Transcript

  1. Effaceable Storage • how to truly erase something from an

    SSD? (source: http:/ /lwn.net) • Apple's solution: small chunk of memory not subject to wear leveling
  2. Metadata • encrypted with random key created on install •

    not for confidentiality • in Effaceable Storage • ! • ✅ FBI knows that one
  3. Files The content of a file is encrypted with a

    per-file key, which is wrapped with a class key and stored in a file’s metadata — iOS Security Guide FBI needs the file key ( ) 1. ✅ — the file they want to decrypt 2. ✅ — the file system key 3. ❌ — the mysterious class key
  4. Class Key The class key is protected with the hardware

    UID and, for some classes, the user’s passcode. — iOS Security Guide • hardware UID: AES 256-bit key fused into the application processor • No software or firmware can read them directly • see only the results of encryption or decryption operations performed by dedicated AES engines
  5. Class Key, contd. 1. ❌ ❌ — !" 2. #

    3. ❌ 4. , , ..., ? 10000 possibilities — !$ 5. how to we access the AES engine?
  6. iOS Kernel* ✅ ✅ ❌ So the only protection* is

    that the FBI can't easily run code in kernel mode. *) on older devices (up until iPhone 5C)
  7. Ways to get around it • jail break • prevent

    SSD from being erased & try • crypto vulnerability • acid + focussed ion beam ? • reboot early & try ? • ???
  8. Links • iOS Security Guide — https:/ /goo.gl/DJvK0F — https:/

    / www.apple.com/business/docs/iOSSecurityGuide.pdf • Crypto Stack Question — http:/ /goo.gl/4oN1rY — http:/ / crypto.stackexchange.com/questions/32886/why-does-the-fbi- ask-apple-for-help-to-decrypt-an-iphone