It really is unnecessary to do that. On an iPhone, in iOS 8, Apple has provided standard 256 bit AES encryption. If you choose complex passcodes, you can use a passcode that can be any one of 256227 possible combinations. That passcode which only you know is entangled with the iPhone's or iPad's UUID by an algorithm. This entangled passcode is then converted to a hash and stored in the devices Secure Element section of the processor. . . only as a hash. The passcode can not be derived by working backwards from knowing the hash. Each time the passcode in entered through the keyboard only, a new UUID entanglement is generated, the hash is regenerated, and compared with the stored hash. If they match, the phone is opened, and the portions of the encrypted stored data the user accesses during that session are temporarily decrypted and re-encrypted as necessary, no more.
All attempts to decode the contents of the FLASH memory can only work on the iDevice, nowhere else. . . because it requires the processor with its Secure Element, and the Unique Unit ID. So the encrypted contents of the device cannot simply be copied to a supercomputer for sheer speed and brute strength breaking, as if their somewhat faster attempts would shave much time off of aeons.
When the user sends anything to Apple icloud, the data is also. 256 bit encrypted with the user's entangled passcode which Apple has no access to and cannot determine, no matter how hard they try. Once it arrives on an Apple server, it is identifiable only by the user's unique identifier, but not by name, so it is anonymous. The data is further encrypted to an addition 256 bit AES WITH Apple's passcode, then split, aggregated with other users' data and stored in a recoverable format that only the user may retrieve.
If, the government or court should order Apple to turn over copies of that raw data, there is no way for Apple to distinguish the target's data from anyone elses' without their icloud passcode, and if they did give the authorities the assumed whole aggregate, even unencrypted using Apple's passcode, all the authorities would have is volume and volumes of disconnected gobble-de-gook. Meanwhile, the owner's privacy is protected.
Now I'm not going to use a 256 character passcode. I don't want to have to type it in just to make or answer a phone call, but shorter one can be almost as effective, especially when paired with TouchID PROPERLY.
Thanks for explaining that.I wrote what I did because the way I read the Article it sounded as if law enforcement would get a judge to force the company to provide the necessary assistance to break the encryption.
Thanks again.And while I’m at it I’m going to increase the size of my password.