How do you think the FBI managed to get the clear text of the infamous phone?

Paolo Bolzoni paolo.bolzoni.brown at gmail.com
Wed Mar 30 11:31:19 CEST 2016


Dear list,

I am aware it is out topic, but still I assume as we are security
oriented people (otherwise why being part of this email list?)
I think it is interesting food for thought.


As far as I understood the situation is:

The iPhone uses AES (256?) to encrypt the storage.

The phone owner, probably the only person who knew the password,
is dead.

To access the phone storage there is a Trusted Platform Module
(TPM) chip that should force the access to the storage through a
well known path: the Apple software FBI asked to change.

The TPM contains the AES key protected with the password, the
things FBI asked to change were:
1- removing the feature that the key is destroyed after 10 wrong
tries,
2- remove the forced delay between every wrong password attempt,
3- allow machines to try a password.


I far as I can see the only possible weak point is the TPM, it
should not be possible to workaround it. But it sounds even less
plausible to break AES directly or ask the dead person.


What do you know about this case?

Yours faithfully,
Paolo



More information about the Gnupg-users mailing list