category

Crypto is hard to understand at first. Maybe this will help

cryptography

On an iPhone, the passcode *is* the encryption key. It is not stored on the iPhone nor sent to Apple. If you forget the passcode, you must restore. Apple cannot help you. The system was deliberately designed this way, both to protect users and protect Apple.

If you enter several wrong passwords in a row, the iPhone locks you out for a few minutes. This prevents brute force attacks. It also waits a little bit while processing passcode attempts, to prevent them being made ultra-rapidly.

Every iPhone has a special ID. If the ID is changed or absent, the phone is bricked. This means passcode attempts have to be done on the physical iPhone itself. Taking out parts in hopes of cracking it faster simply results in a brick.

iPhones allow passcodes that can be much longer than 6 characters and they can be alphanumeric. A 15 character alphanumeric passcode would be a pain to type for sure, however it would be secure from any known attack (except perhaps the tried and true, “give us the password or we break your kneecaps”.)

There is also an option to delete data if ten wrong passwords are entered. This probably doesn’t actually delete the data, because it doesn’t have to. The data is already encrypted. It simply deletes the encryption key, making it impossible to decrypt.

Data encrypted with serious crypto and a good passphrase can’t be cracked by any known means in anything less than centuries. One common method of encrypting involves generating two ginormous prime numbers, multiplying them to get a composite number, then using the composite number to create the encryption key. The primes can be 100 digits long. Thus the composite number is 200 digits long. To break the crypto you have to factor it back into the primes. That’s simply not doable today in any reasonable time by any computer. As a math PhD explained it to me, “It’s easier to multiply than divide.”

Comments are closed.

Powered by WordPress. Designed by WooThemes