Apple ordered to unlock Bernardino shooter's iPhone for FBI: Why can't authorities decrypt the device?
If you are running iOS 8 or higher on your iPhone then your device is encrypted, the data on it cannot be tampered with and only your passcode (or fingerprint) can unlock it.
Data privacy and the creation of "backdoors" for government agencies has entered the public debate recently with Apple being ordered by a US court to help the FBI disable security features and unlock the encrypted iPhone 5C recovered from one of the San Bernardino shooters.
The FBI says it only wants Apple to create a way to unlock this one specific iPhone belonging to Syed Rizwan Farook, who along with his wife killed 14 people and injured 22 others in a shooting rampage on December 2.
But Apple has hit back, saying the FBI's request for the company to create a new version of the iPhone operating system that circumvents several security features and could be installed on Farook's iPhone could in fact create a backdoor, and "in the wrong hands" jeopardise security for all iPhones.
So why is it that the FBI's best people cannot crack an iPhone passcode or access the data on the device another way?
It's complicated. It involves the methods Apple uses to stop people from guessing passcodes, how it encrypts the data and the auto-delete booby-trap.
1. Your device has a Unique ID to encrypt itself, and Apple doesn't know what it is
The first roadblock for the FBI is that each iPhone comes with its own security key known as a Unique ID (UID) used for encrypting the device.
If you are running iOS 8 or a later version then your Unique ID is helping to encrypt all your messages, photos, notes, browser history, calendar information and all other app data.
This AES 256-bit string of letters and numbers is completely different for each iPhone and securely written to the phone's processor during manufacturing.
According to Apple, no software can read your Unique ID and the company, along with its suppliers, do not keep a record of it.
This means Apple cannot supply it to the FBI to help decrypt a suspect's device.
Your data, which is written to the memory chips, can only be decrypted on your specific iPhone with your Unique ID and only accessed if you enter the passcode to unlock the device.
If the FBI were to physically remove the memory chips housing the data of Farook's iPhone and attach them to a different phone or machine to try and access them, there would still be no way to decrypt the data as it is still tied to your Unique ID.
2. Each incorrect passcode enforces a delay for the next attempt
iPhones can be locked using either a four-digit code, a six-digit code or a custom-length password using both numbers and letters.
The four-digit passcode has 10,000 different combinations, the six-digit has 1 million combinations and the alphanumeric password can be in the billions.
Ordinarily, if the FBI were to use a program or machine it could brute-force 10,000 or even 1 million different combinations relatively quickly, but there is a hurdle in the form of an enforced delay between passcode attempts.
|Attempts||Enforced delay before next attempt|
If that was all the security the iPhone had it would still take more than a year (416 days) for a machine to go through every one of the possible combinations of a four-digit passcode, leaving one hour between tries — and that is just the simplest passcode.
But there is another layer of security. Apple has designed the system so that each passcode attempt makes the device perform a cryptographic calculation, and each attempt adds a complication to the calculation it needs to do, thus incrementally slowing down every passcode entry.
Apple's security guide states that even without the one-hour delay between each code entry, it would take five-and-a-half years to try all combinations of a six-character-length password using both numbers and letters.
Things are not looking good for the FBI.
3. Data can self-destruct after 10 unsuccessful attempts
And then the FBI have another problem.
If you have 'Erase Data' set to "on" under Settings, Touch ID & Passcode, then after 10 unsuccessful attempts your iPhone will wipe all data.
This is a big concern for the FBI as they cannot try more than nine passcode combinations on Farook's iPhone without being sure whether the device's data will self-destruct.
In its privacy letter to customers, Apple says the FBI wants them to "make a new version of the iPhone operating system, circumventing several important security features".
The self-destruct feature would likely be one of those features the FBI wants disabled in special version of iOS they want Apple to create and install on Farook's iPhone.
4. Data can be remotely wiped
In a case where a suspect's device is in the hands of authorities but the suspect or someone who knows their iCloud password is at large, then all data on the iPhone can still be wiped remotely.
By logging into iCloud.com and using 'Find My iPhone' (if it is turned on in your settings) you can find your device and erase the data if it is powered on and connected to a network.
5. What about just unlocking it with a fingerprint?
Farook's iPhone is a 5C model which does not include a fingerprint scanner, but for the sake of argument, let us take a look at how easy would it be to unlock an iPhone with Touch ID.
A US judge in 2014 ruled that police could force a suspect to unlock their phone using a fingerprint even if they could not force them to divulge the passcode.
If you have access to the suspect then you could easily unlock the phone and access all the data using Touch ID, but with a few caveats.
Only a maximum of five fingers can be registered when setting up Touch ID and if a suspect makes five attempts to unlock the device with an unregistered finger then the device will require the passcode to unlock.
If the device has been turned off or restarted it will also need the passcode the first time you unlock it.
Similarly if the device has not been unlocked for more than 48 hours it will not allow you to use the fingerprint scanner.
Source: ABC News