Replies

I have to admit that this FBI / Apple thing has me a little confused. I always heard cases where smart phones were confiscated and used against typical people at traffic stops, accidents, etc.... Our computers can be confiscated and used against us. What is causing this debate? Is it simple password protection of the phone causing this? If someone understands, please let me know. Mainly, let me know what I need to protect my phone and self in the event I have an issue.

The iPhones/iPads that a user has opted to protect with a passcode are encrypted with a 256 bit Advanced Encryption Standard which is for all practical purposes unbreakable in anything but astronomical time. While the original four digit default passcode has only 10,000 possible solutions, someone trying to break into the iPhone/iPad so protected has only 10 chances to hit the right one before the device erases the encoded comparison hidden in an unreachable location inside the device is permanently erased, making the data for ever unreachable.

That four digit passcode is NOT the key to the encryption but just one piece of four pieces used to construct the AES key used to encrypt the data on the FLASH memory of the device. The other three pieces of that key are a Unique Device ID (UDID), a Group ID shared by all devices of the same model (GID), and a random number generated when the user first input his passcode created by reading the device's camera, microphone, accelerometer, and a fourth sensor, combined to make a truly entropic random number undiscoverable outside the device.

These four pieces, passcode, UDID, GID, and random number, are entangled by a hidden algorithm each time the passcode is entered to recreate the AES Encryption/Decryption KEY to decipher the data on the FLASH memory stored on the iPhone or iPad as needed. This KEY, at minimum would be a 132 characters in length, and can be up to 256 characters, and use any of the 223 characters in the Apple set. Thus there are a minimum 223¹³² . . . to a maximum 132²⁵⁶ concatenated possible KEYS to try in brute force try to decrypt just ONE iPhone.

Using the fastest supercomputer we now have available to us, which could Brute Force try capable of making 27,000,000,000,000 decisions per second, trying just the lowest possible number of KEYS it would take:

116,209,806,593,914,624,870,054,703,785,744,427,568,633,721,207,504,810,301,460,528,440,066,724,340,287,715,735,679,109,701,519,266,939,088,502,843,132,044,241,925,457, 525,205,617,562,366,850,487,761,225,023,194,470,172,963,858,894,739,659,197,015,195,249,199,831,485,264,916,715,387,833,813,135,377,729,928,185,972,857,659,278,426,726, 061,487,888,562,070,911,854,491,581,420,641,841,193,727,418,626 YEARS to try every possible KEY to decrypt just one iPhone.

If you'd like to see how that is said in English, Click Here for where I posted it originally on FR, but be prepared for a long read. Don't try to read it out loud in one breath!

That is why the FBI was wanting Apple to re-write iOS to get around the ten tries and it erases the Key to the Encryption Key. Without that basic key, you don't get to the main AES key ever. That limit of ten tries is the first line of defense and it's hard coded into the iPhone's/iPad's hardware.