What am I missing? (Again)

Peter Lebbing peter at digitalbrains.com
Thu Mar 31 19:52:28 CEST 2016


On 31/03/16 09:53, Johan Wevers wrote:
>> 2) Is it possible for the user to circumvent the potential problem of the
>> device maker cooperating with his adversary to by-pass this protection,
>> simply by using a pass-phrase of an appropriate length? Yes/no?
> 
> Yes.

Can this be concluded from documentation supplied by Apple? Has it been
independently verified?

Your "Yes." strikes me as a pretty strong statement. I feel much more in line
with this statement:

On 31/03/16 04:31, Chris DeYoung wrote:
> I imagine that the potential problem can be circumvented, yes, but not simply
> by using a longer passphrase. I don't know whether it even allows that
> option, but it really doesn't matter since you don't know what it does with
> that passphrase internally anyway. Since you don't know, you can't trust it.

And given that most people will use a PIN with abysmally low entropy, I doubt
that the device even uses the PIN for entropy. They would implement this
functionality just for those few people who unlock their phones with a proper
passphrase? It's possible, but it would be nice if you supported your claim with
documentation.

Of course, it is pretty good snake oil to state in your documentation that the
unlock PIN is used to encrypt the data. It sounds really good, unless you know
about entropy, and that an attacker would probably need mere seconds to crack it
(offline attack). 10 bits of entropy, seriously.... (PIN consisting of 4 decimal
numbers taken as example, I don't know what Apple uses)

My 2 cents,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
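
Added example, not part of the message above and not any vendor's code: a sketch of the offline search cost the message refers to, assuming the data key is derived from the unlock secret alone with PBKDF2 (an assumption for illustration; the thread does not establish what Apple does). The salt, PINs, iteration count and function names are all constructed.

```python
import hashlib
import itertools
import math
import time

ITERATIONS = 100             # kept low so the demo runs quickly (assumed value)
SALT = b"constructed-salt"   # constructed sample value


def derive_key(secret: str, salt: bytes = SALT, iterations: int = ITERATIONS) -> bytes:
    """Key derived from the unlock secret only (the assumption under test)."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, iterations, 32)


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random secret; human-chosen secrets have less."""
    return length * math.log2(alphabet_size)


def min_length(alphabet_size: int, target_bits: float) -> int:
    """Shortest uniformly random secret that reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def search_pin(target_key: bytes, digits: int = 4):
    """Try every decimal PIN of the given length against a derived key."""
    for guesses, combo in enumerate(itertools.product("0123456789", repeat=digits), 1):
        pin = "".join(combo)
        if derive_key(pin) == target_key:
            return pin, guesses
    return None, 10 ** digits


def worst_case_seconds(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Time to cover the whole secret space at a measured guess rate."""
    return alphabet_size ** length / guesses_per_second


if __name__ == "__main__":
    key = derive_key("9999")                 # constructed PIN, last in search order
    start = time.perf_counter()
    pin, guesses = search_pin(key)
    rate = guesses / (time.perf_counter() - start)
    print(f"recovered {pin} after {guesses} guesses ({rate:,.0f} guesses/s)")
    for name, alphabet, length in [("4-digit PIN", 10, 4), ("6-digit PIN", 10, 6),
                                   ("12 lowercase letters", 26, 12),
                                   ("7 Diceware words", 7776, 7)]:
        secs = worst_case_seconds(alphabet, length, rate)
        print(f"{name:22s} {entropy_bits(alphabet, length):5.1f} bits  {secs:.3g} s worst case")
    print("random lowercase letters needed for 80 bits:", min_length(26, 80))
```

Raising ITERATIONS scales every row by the same factor, so it cannot make a 4-digit PIN as costly to search as a long random passphrase.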


