What did 👮 want from 🍏?

Transcript

1. What did ! want from ! ?

2. None

3. Disclaimer All the information is my interpretation of the iOS

   Security Guide

4. Effaceable Storage • how to truly erase something from an

   SSD? (source: http:/ /lwn.net) • Apple's solution: small chunk of memory not subject to wear leveling

5. Metadata • encrypted with random key created on install •

   not for confidentiality • in Effaceable Storage • ! • ✅ FBI knows that one

6. Files The content of a file is encrypted with a

   per-file key, which is wrapped with a class key and stored in a file’s metadata — iOS Security Guide FBI needs the file key ( ) 1. ✅ — the file they want to decrypt 2. ✅ — the file system key 3. ❌ — the mysterious class key

7. Class Key The class key is protected with the hardware

   UID and, for some classes, the user’s passcode. — iOS Security Guide • hardware UID: AES 256-bit key fused into the application processor • No software or firmware can read them directly • see only the results of encryption or decryption operations performed by dedicated AES engines

8. Class Key, contd. 1. ❌ ❌ — !" 2. #

   3. ❌ 4. , , ..., ? 10000 possibilities — !$ 5. how to we access the AES engine?

9. iOS Kernel* ✅ ✅ ❌ So the only protection* is

   that the FBI can't easily run code in kernel mode. *) on older devices (up until iPhone 5C)

10. So why !"?

11. Ways to get around it • jail break • prevent

    SSD from being erased & try • crypto vulnerability • acid + focussed ion beam ? • reboot early & try ? • ???

12. Thank you! ! Questions❓ @johannesweiss !

13. Links • iOS Security Guide — https:/ /goo.gl/DJvK0F — https:/

    / www.apple.com/business/docs/iOSSecurityGuide.pdf • Crypto Stack Question — http:/ /goo.gl/4oN1rY — http:/ / crypto.stackexchange.com/questions/32886/why-does-the-fbi- ask-apple-for-help-to-decrypt-an-iphone