[cryptography] Here's What Law Enforcement Can Recover From A Seized iPhone

Jon Callas jon at callas.org
Thu Mar 28 19:35:04 EDT 2013


On Mar 28, 2013, at 4:07 PM, shawn wilson <ag4ve.us at gmail.com> wrote:

> 
> On Mar 27, 2013 11:38 PM, "Jeffrey Goldberg" <jeffrey at goldmark.org> wrote:
> >
> 
> >
> > http://blog.agilebits.com/2012/03/30/the-abcs-of-xry-not-so-simple-passcodes/
> >
> 
> Days? Not sure about the algorithm but both ocl and jtr can be run in parallel and idk why you'd try to crack a password on an arm device anyway (there's a jtr page that compares platforms and arm is god awful slow)
> 
> 

You have to run the password cracker on the device, because it involves mixing the hardware key in with the passcode, and that's done in the security chip. You can't parallelize it unless you pry the chip apart. I'm not saying it's impossible, but it is risky. If you screw that up, you lose totally, as then breaking the passcode is breaking AES-256. And if you have about 2^90 memory, it's easier than breaking AES-128!

	Jon


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20130328/c02af2b7/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20130328/c02af2b7/attachment.sig>


More information about the cryptography mailing list