Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Apple’s encryption dilemma explained – does giving the FBI access matter?

John E Dunn | March 1, 2016
Apple vs the FBI is a test case that has the potential to redefine the limits of security.

After years circling the issue, a tech firm has decided to risk its neck in an all-out battle of wills with the most powerful policing organisation in the world, the FBI. At issue is the issue of how much assistance it should give to police trying to access data on the company's devices. Many see what happened this week as a moment of truth that has been coming for years.

The FBI v Apple

At the centre of it all is a single encrypted iPhone that belonged to one of the two individuals, Syed Farook, who carried out the murderous San Bernardino attack on 2 December 2015. The FBI wants access to the data on the device (which belongs to Farook's employer, the San Bernardino County Department of Public Health). Apple doesn't want to go as far as the FBI demands in making that possible and the Feds are now using an 18th Century law called the All Writs Act to force it to comply with what is, in effect, a search warrant by creating special 'one-off' software to bypass device security.

Earlier this week, a judge agreed with the FBI's demand which Apple says it will now appeal.

What is the FBI's technical beef?

A lot has been written about how difficult it is to break something called Secure Enclave, a security coprocessor architecture that arrived with devices based on the A7 processor in 2013. Even Apple says it can't bypass this because it is separate from the OS. Ironically, the iPhone the FBI wants to access, a 5C, uses an older version based on some of the same principles as Secure Enclave that runs on the A7's predecessor, the A6, but with some important weaknesses.

Breaking the 5C's encryption is easier therefore but not easy. As with Secure Enclave, the 5C uses hardware to encrypt data into and out of storage using a special 'ephemeral' key that disappears when the phone is turned off. A copy of this key is stored on flash memory but - and this is the tricky bit - this can't be accessed without the 4-digit (or greater) PIN entered by the user when the iPhone is turned on. The keys work together like a sort of double lock.

Because 4-digit PINs most people use aren't very secure (only 10,000 possibilities) there are extra protections to stop attackers simply going through every possibility, such as a data wipe function after 10 incorrect attempts as well as time delays for every guess. If the PIN uses more than four digits, the time delays turn from seconds to days, months and years. All of this must be done on the iPhone itself.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.