Feeds

iOS 4 hardware encryption cracked

‘We don’t want this to fall into the wrong hands’

Top three mobile application threats

Russian security outfit ElcomSoft is shipping a toolset that cracks open the hardware encryption protecting iOS4-based iPhones – but it's only for spooks and law enforcement.

In an announcement that will have black-hats working to replicate its results, the company says its tool can “extract all relevant encryption keys from iPhones running iOS 4,” and can also use those keys to “decrypt iPhone file system dumps.”

Vladimir Katalov, ElcomSoft CEO, says the tool breaks “into the heart of iPhone data encryption”.

With access to the device (a prerequisite for ElcomSoft’s technique), the software uses its unique ID and escrow keys (which exist to allow remote devices to sync with the iPhone) to access data.

According to this H Online article, data can only be extracted from an iPhone that’s booted in Device Firmware Upgrade mode, which allows direct copying of data on the Flash drive. This breaks iOS’s protection of the keys themselves, which are not visible to applications running in normal mode.

However, breaking the keys is slow. When files are decrypted, two keys are required – the one generated by the user’s passcode, as well as the key created by iOS Data Protection. H Online said the demonstration given to it required 40 minutes to brute-force a four-digit passcode.

While it might also be feasible to brute-force the escrow key stored on a computer to which the iPhone syncs, that approach has both pros and cons: a PC offers a faster platform for guessing keys, but the escrow key is larger than a typical user’s passcode.

ElcomSoft promises to guard the tool closely, with Katalov saying “we made a firm decision to limit access to this functionality to law enforcement, forensic and intelligence organisations and select government agencies”.

ElcomSoft had already demonstrated password recovery from iPhone 4 devices, last year.

Whether or not you think the police are the ‘right hands’ for this technology probably depends on whether or not you’ve had a device wrongfully seized and presumably data-dumped by a plod suffering a rush of blood to his head. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Report: Apple seeking to raise iPhone 6 price by a HUNDRED BUCKS
'Well, that 5c experiment didn't go so well – let's try the other direction'
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
AMD unveils Godzilla's graphics card – 'the world's fastest, period'
The Radeon R9 295X2: Water-cooled, 5,632 stream processors, 11.5TFLOPS
Sony battery recall as VAIO goes out with a bang, not a whimper
The perils of having Panasonic as a partner
NORKS' own smartmobe pegged as Chinese landfill Android
Fake kit in the hermit kingdom? That's just Kim Jong-un-believable!
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.