179

As far as I understand, the 4-digit passcode is combined (in some fashion) with a key stored in secure read-only memory (e.g. a secure enclave chip or similar), where it is directly embedded into silicon wiring to help prevent unauthorized reads.

But no matter how strong or multi-layered or complicated the security is, wouldn't it still be possible to read the key directly from the silicon wiring of the secure chip or ROM, using some electron microscopy technique or similar? If so, surely the FBI could develop the technology for this, without asking Apple for help.

16
  • 14
    FTR, iPhone 5 doesn't have secure enclave Commented Feb 18, 2016 at 19:30
  • 22
    @NeilMcGuigan Good point. I think a lot of news items that discuss this situation are totally, utterly confused by the secure enclave vs. no-secure enclave issue, and wind up talking about extracting stuff from an enclave when that's not actually at issue in this particular case. But that still leaves the question: in iPhones that lack an enclave why can't the FBI just copy the part of the encryption key that's held (not in a secured area) by the device, copy the volume to be decrypted, and just brute-force the passcode (which is the remaining portion of the encryption key) straightaway? Commented Feb 18, 2016 at 19:59
  • 4
@schroeder Looks like it's on any iPhone with an A7 chip or newer (Sept 2013). This includes the iPhone 5s, but not the iPhone 5. I'm not sure about the 5c. Commented Feb 18, 2016 at 21:25
  • 6
    The most impressive hack here is how Apple is getting all this free press just for getting the FBI to ask for help. Apple has helped before. Saying no now does far more for the perception that an iPhone is secure than it improves actual security. Commented Feb 19, 2016 at 3:39
  • 7
    @CandiedOrange In the past Apple has complied with government orders to extract data that was extractable without unlocking on iOS 7 and earlier. iOS 8 is more secure and the data is locked. techcrunch.com/2016/02/18/…
    – ThomasW
    Commented Feb 19, 2016 at 6:56

8 Answers

225

Yes, it is possible. However, that runs the risk of destroying the device without getting the data off first, which is undesirable. It also does not achieve the political goals of forcing Apple to assist in decrypting the device, paving the way with precedent for the flurry of future requests of this sort to come, some of which are certain to have less favorable facts and thus are not as suitable as test cases.

15
  • 166
    Buying a dozen iPhones to test any physical extraction method would be a lot cheaper than everything about this affair, so one has to assume that the question is no longer about the San Bernardino case. Commented Feb 18, 2016 at 18:22
  • 8
    @ThomasPornin This is exactly the thought that I had. But the confusing thing (to me, anyways; iOS is not an ecosystem I'm all that familiar with) is that some items I've seen have asserted that for the iPhone 5c extracting data--even if you could do so with 100% guarantee of success-- from the secure module would not be enough, by itself, to allow easy decryption. Though other sources I've read assert that after a successful extraction the FBI would merely be left with a super-quick brute-forcing job to gain the passcode. (I'll admit that at this stage I'm just as confused as OP...) Commented Feb 18, 2016 at 19:36
  • 4
If all the data is extracted and this is merely a matter of pure software, then a brute-force on a 6-digit PIN is not going to take long. If a single iPhone can verify/process a PIN within one second, then the same iPhone hardware can necessarily perform the same job for 1 million PINs in 1 million seconds at most -- and that's assuming a rather heavy PIN processing. With a couple of good PCs this will be done in less than 24 hours, and probably a lot less than that. Commented Feb 18, 2016 at 19:48
  • 12
@ThomasPornin Xander Ok, slight issue: as NeilMcGuigan just pointed out above, the iPhone 5c doesn't actually have a secure enclave. (Oops.) blog.trailofbits.com/2016/02/17/… The partial key is burned into the hardware, but not protected. But that seems to make the question of why the FBI can't simply read the 5c's not-enclave/module-protected partial encryption key from the phone and gain the remainder of the key (i.e. the PIN/passcode) via brute-forcing even more puzzling. Commented Feb 18, 2016 at 20:15
  • 3
    @halfinformed If they try to brute-force by just trying codes, the phone will automatically erase itself after 10 failed attempts. However, I'd think the FBI Lab would be capable of copying the encrypted contents of the flash chips (or whatever storage mechanism) onto a computer that doesn't have that drawback.
    – reirab
    Commented Feb 18, 2016 at 23:28
94

What makes you think that they haven't already?

This case is about setting a precedent to obtain access whenever the government desires. They chose this case because America's fear of terrorism will give more popular support for setting this precedent than, say, busting a pot grower or catching a tax cheat.

What would be even better? Privacy advocates pointed out that existing spying operations haven't provided useful counter-terrorism intelligence. What if this iPhone contains some golden nuggets of counter-terror intel? Officials will be vindicated, and have a much easier time ratcheting back privacy protections further in the future.

Maybe the FBI is taking a page from the good lawyer's handbook, and asking questions they can already answer.

10
  • 14
    Also, they could just ask Apple "Please take this phone, and get such and such information off it for us using whatever means necessary, without revealing anything about the means. Then destroy it". That wouldn't serve the ulterior goal.
    – Kaz
    Commented Feb 19, 2016 at 2:50
  • 11
    @Kaz <devil's advocate> Wouldn't that have negative effects on any evidence gained (chain of custody)? </devil's advocate>
    – Bob
    Commented Feb 19, 2016 at 8:03
  • 3
    @Kaz That would make it impossible for the defense to investigate the evidence.
    – Selenog
    Commented Feb 19, 2016 at 12:16
  • 9
    @Selenog there is no defense, there is no criminal trial here; the perpetrators are deceased. The FBI wants the data off the device so that they can investigate other people who may be linked to the perpetrators & go up the chain of command in their terrorist cell.
    – alroc
    Commented Feb 19, 2016 at 16:43
  • 2
@alroc Well, and should they find any accomplices, then that phone can't be used as evidence in the trial, of course assuming they get a trial, I guess.
    – Selenog
    Commented Feb 19, 2016 at 17:52
78

It doesn't scale

While the general consensus is that such technology exists and would be available to FBI, it's not an appropriate general solution because it might be applicable to this case but (unlike a legal battle with Apple) it doesn't scale to all the other cases where they would want to do the same thing.

  • It is expensive - this case might be important enough to warrant the expense, but doing it for all the phones they'd want to read is even more expensive than, say, a prolonged legal battle with lots of lawyers involved;
  • It risks destruction of evidence - there is a significant risk of failure, and failure would mean permanently destroying the key and any means to recover it ever.

A solution that allows the FBI to decrypt such phones safely and cheaply would be very desirable to them, so even if they are able to read the embedded key from the chip, it is worth a try to get Apple to do it instead.

5
  • 23
    +1 for a well-written technical answer to the question, without all the extra political commentary
    – Ajedi32
    Commented Feb 19, 2016 at 16:13
  • 2
    I know right...understanding how the gadget works is more important than having morals and being human!
    – codyc4321
    Commented Feb 22, 2016 at 18:06
  • 1
This makes sense. I would imagine they want to be able to have a signed shim bootloader that could brute-force the PIN, sort of like what you can do by slightly modifying the Team Win Recovery Rom on an unlocked Android. That way they could just break any phone they physically have without having to pin into the PCB.
    – Ori
    Commented Feb 26, 2016 at 17:58
Can you back up "the general consensus is that such technology exists" with facts and references?
    – user13695
    Commented Mar 1, 2016 at 10:34
  • @JanDoggen The technology to analyse chips by microscopy has existed "forever" - here's a 10 year old survey paper cl.cam.ac.uk/techreports/UCAM-CL-TR-641.pdf that includes, among other things, an overview of various invasive attacks on chips. Here's gcn.com/Articles/2010/02/02/Black-Hat-chip-crack-020210.aspx a 5 year old successful attack on a comparable tamper-resistant chip. Credit card EMV chips are also vulnerable to chip-imaging attacks to extract keys, but they're mitigated by the fact that it's more expensive to extract a key than the limits on a single credit card.
    – Peteris
    Commented Mar 1, 2016 at 11:16
20

You are assuming the problem is technical. It might be political / legal. Let's assume the government already has the technical capability of extracting this information from phones, without Apple providing them a back door. The government, for both legal and technical reasons, can't admit that. Legally, because it might tip its hand to other investigations in which data obtained using this not-yet-legal method was used, which would taint those investigations.

Once, however, the courts force Apple to provide them a backdoor, then they can use their own backdoor with impunity, or just use Apple's.

0
9

Yes, it is possible. The Secure Enclave chip is tamper-resistant, but with an advanced (expensive) semi-invasive attack, this chip is vulnerable.

A good link that covers all aspects of attacks on tamper-resistant hardware (note: Dr Sergei Skorobogatov attacks military chips, and we know that the Secure Enclave chip of the iPhone is weaker than a military chip): http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-630.html

The Intercept reports a real hardware attack by the CIA on the iPhone; the paragraph below is from The Intercept:

At the 2011 Jamboree conference, there were two separate presentations on hacking the GID key on Apple’s processors. One was focused on non-invasively obtaining it by studying the electromagnetic emissions of — and the amount of power used by — the iPhone’s processor while encryption is being performed. Careful analysis of that information could be used to extract the encryption key. Such a tactic is known as a “side channel” attack. The second focused on a “method to physically extract the GID key.”

But the Apple-FBI backdoor is part of a battle between government departments and crypto for privacy, so the goal of the FBI is limiting all crypto software by passing a new law, and the Apple-FBI backdoor doesn't mean that the FBI can't!

See more at: Delicate Hardware Hacks Could Unlock Shooter’s iPhone by Threatpost:

“It’s been known they (NSA) have a semiconductor [fabrication] since January 2001. They can make chips. They can make software. They can break software. Chances are they can probably break hardware.”

4
  • 1
    The phone currently in question is of a model that does not have a Secure Enclave.
    – user
    Commented Feb 22, 2016 at 10:41
Yes, but an advanced version of the above attack is possible on newer models; please see the first link.
    – user93414
    Commented Feb 22, 2016 at 15:08
+1 Finally an answer with some references that actually addresses the core question "Is it possible?"
    – user13695
    Commented Mar 1, 2016 at 10:39
  • I can't understand the number of downvotes this answer gets. Commented Mar 1, 2016 at 22:21
4

They can, but that's not the problem they're facing.

As you've mentioned, the encryption key is generated from a mix of the PIN number and the private key. The problem is the PIN number.

iPhones allow only a maximum of 10 tries to enter PINs after which it will refuse to accept any additional PIN input. Furthermore, users can configure the phone to delete all data on disk if the 10th attempt fails*. Now, I'm not sure if the specific phone they're trying to unlock has been configured this way but it's too big a risk to take if the data on the phone is important.

A 4 digit PIN has 10000 combinations. So being able to try just 0.1% of all possible combinations is unlikely to work.

What the FBI is asking is basically for Apple to install a custom OS on that phone without the 10-entry limit so that they can try all 10000 PIN combinations.

*Note: When configured to delete data on disk on failed attempts the iPhone won't actually format the disk, it would just delete the private key thereby making any further cracking attempt all but impossible.
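A toy model of what this answer and Thomas Pornin's comment on the top answer describe: the passcode tangled with a burned-in device key, the erase-after-10-failures path on the device, and the counter-free search over all 10,000 combinations once the key and storage are available off-device. This is an added example, not code from the page or from Apple; the device key, iteration count and verifier construction are constructed assumptions.

```python
import hashlib
import hmac

# Toy model, constructed for illustration; it is not Apple's real key hierarchy.
# The passcode is tangled with a per-device key that normally never leaves the chip.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed "burned-in" key
ITERATIONS = 500     # per-guess work factor (kept small so the demo runs quickly)
MAX_ATTEMPTS = 10    # the erase-after-10-failures policy the answer describes

def derive_key(passcode: str, device_key: bytes) -> bytes:
    """Tangle the passcode with the device key; without device_key this cannot be computed."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_key, ITERATIONS, dklen=32)

def verifier(passcode: str, device_key: bytes) -> bytes:
    """Stored tag used to test a guess without storing the derived key itself."""
    return hmac.new(derive_key(passcode, device_key), b"passcode-check", "sha256").digest()

class Device:
    """On-device guess path: every guess goes through the counter, and the 10th failure
    erases the key material, so the remaining 9,990 combinations can never be tried here."""
    def __init__(self, passcode: str):
        self.device_key = DEVICE_KEY
        self.check = verifier(passcode, DEVICE_KEY)
        self.failures = 0
        self.wiped = False

    def try_passcode(self, guess: str) -> bool:
        if self.wiped:
            return False
        if hmac.compare_digest(verifier(guess, self.device_key), self.check):
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= MAX_ATTEMPTS:
            self.wiped, self.device_key = True, None   # key gone: data is now unrecoverable
        return False

    def image_storage(self) -> tuple:
        """What the thread assumes a lab could obtain: the stored tag plus the chip's key."""
        return self.check, self.device_key

def offline_search(check: bytes, device_key: bytes, digits: int = 4):
    """With the key and a copy of storage, no counter applies: just walk all 10**digits PINs."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if hmac.compare_digest(verifier(guess, device_key), check):
            return guess
    return None

def worst_case_seconds(digits: int, seconds_per_guess: float) -> float:
    """Pornin's arithmetic: the whole space costs at most 10**digits guesses."""
    return 10 ** digits * seconds_per_guess
```

The defender's lesson is the same one the thread circles around: a 4-digit PIN only holds because the guess counter and the hardware-bound key force every attempt through the device.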

12
  • 10
    I think you're missing the point of the question. If the FBI can extract the key and the disk image from the iPhone, everything in your answer here is irrelevant. They could throw the iPhone in a meat grinder and it wouldn't matter - they'd already have all the information necessary to make as many brute force attempts on the PIN as they want without any risk of data loss.
    – Ajedi32
    Commented Feb 19, 2016 at 16:09
  • 2
    @TTT Last I checked, although your statement is technically correct, it is sooo far off the mark. The entire observable universe doesn't have enough time nor energy to brute force an AES-256 key.
    – Aron
    Commented Feb 23, 2016 at 1:06
  • 1
    @TTT That would not be brute force then.
    – Aron
    Commented Feb 23, 2016 at 2:49
  • 1
    @TTT The fact is "faster" is equal to "would collapse the mathematics". Entropy = Information. The universe isn't big enough for the amount of matter to exist for all possible keys to be computed. As a consequence, information must be deleted, which requires entropy to increase, which will have a limit.
    – Aron
    Commented Feb 23, 2016 at 3:01
  • 3
@TTT I'm a Physicist by training. I actually know what a tachyon is. Here is the Physics that prevents the calculation being possible. en.wikipedia.org/wiki/Landauer%27s_principle
    – Aron
    Commented Feb 23, 2016 at 4:51
1

No, even if you were theoretically able to get the embedded key in the hardware, you would still not have the 4-digit code that is combined with the embedded key. Of course, at this point it would be trivial to brute-force (especially at just 4 digits long).

This answer is geared more towards the original question although other answers are doing well to expand on the discussion regarding the implications of the court's decision.

3
  • 3
    This doesn't appear to answer the question. Recall that the question is: "Would it be possible to read the key off the hardware?" Saying "Even if you could then..." is not an answer to the question. Perhaps it should be a comment, or shouldn't be posted at all. In any case, please don't use the answer box to post comments, discussion, or other commentary. Reserve the answer box for only material that answers the question that was asked. Thank you!
    – D.W.
    Commented Feb 18, 2016 at 23:45
  • 1
    @D.W. I think it actually answers the question better than the rest as mine specifically states you do not get the encryption key off of the hardware. It is only partially the key. There is still another factor needed to get to the key.
    – d1str0
    Commented Feb 18, 2016 at 23:49
  • 2
    My reading of the question is that it's asking about getting the key (which needs to be combined with the passcode) out of the phone. Exactly because this would make a brute-force attack trivial. I think the OP figured that part too trivial to be worth spelling out. Commented Feb 19, 2016 at 10:14
0

My understanding is that reading anything "directly from silicon" is not practically possible in the general case. While it is theoretically possible to determine silicon structure using an electron microscope (destroying a dozen identical chips in the process), I'm not aware of any readily available methods to read flash memory contents.

Think about it: if it was possible to reliably read any chip's contents, why would the FBI bother to ask Apple for assistance?

3
  • 1
    Is it possible to add bonding wires to the embedded flash in order to read the key? Or just make it ignore the attempt limit by manipulating the relevant part with a focused ion beam.
    – Michael
    Commented Feb 20, 2016 at 7:23
Because the FBI doesn't know how to tie a R/W line on a memory chip to Vcc. That's why. The FBI has surely already done it. It just wants Apple on its side for the other 10000 phones it needs to decrypt. Commented Feb 27, 2016 at 10:23
  • 1
It would be nice to have some references describing how such things are done. As far as I know, even a copy protection bit in a PIC controller is pretty much a show stopper for firmware cloning, even for companies willing to pay tens of thousands of $$ for it. Commented Feb 29, 2016 at 10:27
