Replies

And if you know the base algorithm, a supercomputer can find the key.

Uh, that's not true. They are using a publicly known algorithm. AES256 is well known, and well researched. As Swordmaker has commented upthread, the 'key' itself is not actually stored on the device. A hash of it is. That hash is a one-way mathematical function. It cannot be reversed. No supercomputer extant today can crack it in anything less than the heat death of the universe. If they could, that would mean that the cryptographic algorithm had been fundamentally compromised. That's why we use these algorithms and functions. They are, to the best of our knowledge, absolutely secure short of brute-force cracking, which iPhones attempt to defeat through hardware. (i.e., you only get 10 tries before the hash is wiped.) Even if Fedgov can get around that limitation, I'm perfectly willing to let them churn away on it with all available computational resources until the sun expands into a gas giant and swallows the Earth.

I've had an interest in cryptography since Phil Zimmerman released PGP a couple of decades ago. None of the math of this is rocket science. Implementation of it sometimes can be, which is why Apple goes to as much trouble as it does to isolate the crypto from the phone itself. Personally, I think they do a pretty good job of it. Better than Google has with Android, mainly because Apple has total control over both hardware and software, which is something Google does not have.

As I said, the implementation of the cryptographic protocols, can be pretty difficult, especially against a determined adversary like FedGov. There are known hacks against older iPhones. Each time a work-around is found, Apple attempts to mitigate on their next models, as they should.