[conspire] Order to Compel Apple to Assist With SB Shooter Unlock
Steve M Bibayoff
bibayoff at gmail.com
Thu Feb 18 23:29:10 PST 2016
Hello,
On Thu, Feb 18, 2016 at 6:36 PM, Rick Moen <rick at linuxmafia.com> wrote:
> Here's a (very speculative, twisty) possibility: Maybe there already
> are. Maybe the point of the Assistant AGs' court action is merely to
> establish legal precedent about right to compell breaking of device
> security, for use in later/other cases entirely.
This is my basic speculation, and you make excellent points following.
> FYI, starting with iOS 8, most userspace applications on an iPhone have
> written all their back-end (disk) stored data strongly encrypted using a
> symmetric AES cipher whose key is a combination of a 256-bit key (the
> 'UID') and the user's 4-digit numeric passcode. [RM: No longer 4-digit.
> See correction below.] Details here:
> http://www.darthnull.org/2014/10/06/ios-encryption
Good link. Also has a link to Matthew Green, which is always a good read.
And from Matthew's link:
http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html
"Update 10/4: Comex and others (who have forgotten more about iPhone
internals than I've ever known) confirm that #1 is the right answer.
The UID appears to be connected to the AES circuitry by a dedicated
path, so software can set it as a key, but never extract it. Moreover
this appears to be the same for both the Secure Enclave and older
pre-A7 chips. So ignore options 2-4 below."
This clarifies some things, but leaving the door open for the FBI
doing this for Judicial Precedence
Steve
More information about the conspire
mailing list