Apple's 'Unbreakable' iOS Device Encryption Highlighted
Technology Review takes a look at the evolution of security on the iPhone, noting how Apple has been able to gain acceptance in government and enterprise by overcoming its initially lax stance on device security to roll out industry-leading encryption options that can defeat essentially all attempts at accessing properly protected devices.
At the heart of Apple's security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.
As Apple highlights in a recent white paper (PDF) on iOS security, this hardware security involves the incorporation of a unique AES-256 key fused into each iOS device and which can not be directly read.
Access to the device's software can be restricted with a PIN passcode, and while the default passcode option for iOS is a four-digit number, users can opt to use significantly longer and more complex passcodes. And with brute-force attacks required to break iOS passcodes needing to be run on the device itself at a speed of 80 milliseconds per attempt, a device with an eight-digit passcode could take up to 15 years to compromise.
"There are a lot of issues when it comes to extracting data from iOS devices," says Amber Schroader, CEO of Paraben, a supplier of forensic software, hardware, and services for cell phones. "We have had many civil cases we have not been able to process ... for discovery because of encryption blocking us."
Most of the information included in this report is not particularly new, and Apple's white paper goes into more detail on the company's efforts to address security on iOS devices, but the report offers an overview of the layers of security Apple has built into its products.
Popular Stories
Apple released iOS 16.3 in late January following nearly six weeks of beta testing. The software update is available for the iPhone 8 and newer, and while it is a relatively minor update, it still includes a handful of new features, changes, and bug fixes.
Below, we've recapped new features in iOS 16.3, including support for physical security keys as a two-factor authentication option for...
Apple has discussed selling a new top-of-the-line iPhone alongside the Pro and Pro Max models in 2024 at the earliest, according to Bloomberg's Mark Gurman. Based on this timeframe, the device would be part of the iPhone 16 lineup or later.
In a September 2022 edition of his weekly "Power On" newsletter, Gurman said there was "potential" for an iPhone 15 Ultra to replace the iPhone 15 Pro...
Online retailer TigerDirect has slashed pricing on the M1 iPad Air in several colors, offering the base 64GB configuration for just $313.99 in Purple and Pink.
Note: MacRumors is an affiliate partner with TigerDirect. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.
That's a savings of 48% compared to Apple's normal $599.00...
A new version of the Mac Studio with the "M2 Ultra" chip is unlikely to arrive in the near future, according to Bloomberg's Mark Gurman.
In the latest edition of his "Power On" newsletter, Gurman explained that since the upcoming Apple silicon Mac Pro is "very similar in functionality to the Mac Studio," Apple may wait until the release of M3- or M4-series chips to update the machine, or...
Apple today released new tvOS 16.3.1 and HomePod 16.3.1 software updates, with the software coming two weeks after the tvOS 16.3 and HomePod 16.3 updates were released.
According to Apple's release notes for HomePod software 16.3.1, the update includes general performance and stability improvements. Notes for tvOS 16.3.1 are unavailable as of yet, but are probably similar to the HomePod...
The iPhone 15 Pro models will feature a "buttonless design" thanks to additional Taptic Engines, according to multiple corroborated reports, so what do we know about the change so far?
Apple analyst Ming-Chi Kuo was first to report that the volume and power buttons on this year's two high-end iPhone models will adopt a solid-state design, similar to the iPhone 7's home button, replacing a...
Apple has reportedly considered releasing a new top-of-the-line iPhone alongside future Pro and Pro Max models, tentatively referred to as "iPhone Ultra," and one designer has taken it upon himself to envision what such a device could potentially look like.
German industrial designer Jonas Daehnert came up with this impressive-looking concept (pictured) by marrying design elements of the...
Google's Chromium developers are working on an experimental web browser for iOS that would break Apple's browser engine restrictions, The Register reports.
The experimental browser, which is being actively pursued by developers, uses Google's Blink engine. Yet if Google attempted to release it on the App Store, it would not pass Apple's App Review process.
Apple's App Store rules dictate...
Top Rated Comments
Hi this is Tom calling from Apple. We noticed some recent activity on your iTunes account potentially originating from your iPhone and we need your iPhone device passcode to verify whether or not these charges for $45,912 are fraudulent so we can refund your money.
...
Sure the passkey can be gotten from social engineering. However, this is not what this layer of security protects. This protects someone from accessing what is on the NAND memory if they have physical access to the device itself, but not the user (stolen/lost iPhone). This is a requirement for enterprises as they do not want their secrets to fall into the wrong hands.
As such, Blackberries were highly regarded.
"Not to be picky" is as certain the preceed pickiness as "with all due respect" is certain to forshadow an utter lack thereof.
Moreover:
That's not true.
Direct quote from Apple's white paper (http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf):
An eight-digit passcode would "only" take 92 days to compromise. A four-digit passcode (from my experience the most popular one) would only take 13 minutes to compromise.