[cryptography] Here's What Law Enforcement Can Recover From A Seized iPhone

Jon Callas jon at callas.org
Thu Mar 28 19:27:26 EDT 2013

Hash: SHA1

[Not replied-to cryptopolitics as I'm not on that list -- jdcc]

On Mar 28, 2013, at 3:23 PM, Jeffrey Goldberg <jeffrey at goldmark.org> wrote:

>> Do hardware manufacturers and OS vendors have alternate methods? For
>> example, what if LE wanted/needed iOS 4's hardware key?
> You seem to be talking about a single iOS 4 hardware key. But each device
> has its own. We don't know if Apple actually has retained copies of that.

I've been involved in these sorts of questions in various companies that I've worked. Let's look at it coolly and rationally.

If you make a bunch of devices with keys burned in them, if you *wanted* to retain the keys, you'd have to keep them in some database, protect them, create access  controls and procedures so that only the good guys (to your definition) got them, and so on. It's expensive.

You're also setting yourself up for a target of blackmail. Once some bad guy learns that they have such a thing, they can blackmail you for the keys they want lest they reveal that the keys even exist. Those bad guys include governments of countries you operate or have suppliers in, mafiosi, etc. Heck, once some good guy knows about it, the temptation to break protocol on who gets keys when will be too great to resist, and blackmail will happen.

Eventually, so many people know about the keys that it's not a secret. Your company loses its reputation, even among the sort of law-and-order types who think that it's good for *their* country's LEAs to have those keys because they don't want other countries having those keys. Sales plummet. Profits drop. There are civil suits, shareholder suits, and most likely criminal charges in lots of countries (because while it's not a crime to give keys to their LEAs, it's a crime to give them to that other bad country's LEAs). Remember, the only difference between lawful access and espionage is whose jurisdiction it is.

On the other hand, if you don't retain the keys it doesn't cost you any money and you get to brag about how secure your device is, selling it to customers in and out of governments the world over.

Make the mental calculation. Which would a sane company do?

>> I suspect Apple has the methods/processes to provide it.
> I have no more evidence than you do, but my guess is that they don't, for
> the simple reason that if they did that fact would leak out. Secret
> conspiracies (and that's what it would take) grow less plausible
> as a function of the number of people who have to be in on it.
> (Furthermore I suspect that implausibility rises super-linearly with
> the number of people in on a conspiracy.)

And that's just what I described above. I just wanted to put a sharper point on it. I don't worry about it because truth will out. Or as Dr. Franklin put it, three people can keep a secret if two of them are dead.

>> I think there's much more to it than a simple brute force.
> We know that those brute force techniques exist (there are several vendors
> of "forensic" recovery tools), and we've got very good reasons to believe
> that only a small portion of users go beyond the default 4 digit passcode.
> In case of LEAs, they can easily hold on to the phones for the 20 minutes
> (on average) it takes to brute force them.

The unlocking feature on iOS uses the hardware to spin crypto operations on your passcode, so you have to do it on the device (the hardware key is involved -- you can't just image the flash) and you get about 10 brute force checks per second. For a four-character code, that's about 1000 seconds.

See <http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf> for many details on what's in iOS specifically.

Also, surprisingly often, if the authorities ask someone to unlock the phone, people comply. 

> So I don't see why you suspect that there is some other way that only
> Apple (or other relevant vendor) and the police know about.

Yeah, me either. We know that there are countries that have special national features in devices made by hardware makers that are owned by that country's government, but they're very careful to keep them within their own borders, for all the obvious reasons. It just looks bad and could lead to losing contracts in other countries.

Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii


More information about the cryptography mailing list