Apple’s iOS Security Guide on Passcodes and the Secure Enclave (PDF)

From page 12 of Apple’s most recent iOS security whitepaper:

By setting up a device passcode, the user automatically enables Data Protection. iOS supports six-digit, four-digit, and arbitrary-length alphanumeric passcodes. In addition to unlocking the device, a passcode provides entropy for certain encryption keys. This means an attacker in possession of a device can’t get access to data in specific protection classes without the passcode.

The passcode is entangled with the device’s UID, so brute-force attempts must be performed on the device under attack. A large iteration count is used to make each attempt slower. The iteration count is calibrated so that one attempt takes approximately 80 milliseconds. This means it would take more than 5.5 years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers.

The stronger the user passcode is, the stronger the encryption key becomes. Touch ID can be used to enhance this equation by enabling the user to establish a much stronger passcode than would otherwise be practical. This increases the effective amount of entropy protecting the encryption keys used for Data Protection, without adversely affecting the user experience of unlocking an iOS device multiple times throughout the day.

To further discourage brute-force passcode attacks, there are escalating time delays after the entry of an invalid passcode at the Lock screen. If Settings → Touch ID & Passcode → Erase Data is turned on, the device will automatically wipe after 10 consecutive incorrect attempts to enter the passcode. This setting is also available as an administrative policy through mobile device management (MDM) and Exchange ActiveSync, and can be set to a lower threshold.

On devices with an A7 or later A-series processor, the delays are enforced by the Secure Enclave. If the device is restarted during a timed delay, the delay is still enforced, with the timer starting over for the current period.

The question of the day is whether the code on the Secure Enclave that enforces these brute force countermeasures can be flash-updated (by Apple) to circumvent them. With the iPhone 5C in the current debate, the FBI wants Apple to update iOS itself to circumvent the brute force countermeasures. With an iPhone 5S or any of the 6-series iPhones, iOS is not involved. But if Apple can technically update the code that executes on the Secure Enclave, then the point is moot. The same kind of court order that requires Apple to provide the FBI with a custom (insecure) version of iOS could compel them to provide the FBI with a custom (insecure) ROM for the Secure Enclave.

Update: Rich Mogull, on Twitter, responding to my question here:

@gruber It is my understanding, from background sources, that all devices are vulnerable.

And Farhad Manjoo:

By the way according to Apple it is not true that an iOS rewrite of the sort the FBI is asking for here wouldn’t work on newer iPhones.

In other words, a flash update to the Secure Enclave could make new iPhones more susceptible to brute force passcode cracking.

Wednesday, 17 February 2016