Bruteforcing an iPhone: Where is the Key?
There's been rumors the terrorist's iPhone would be cracked with a help of NAND mirroring. I doubt this can be done. If it could it'd mean the iPhone design is not that secure. The root of the problem the FBI has is the contents of the NAND memory is wiped out after 10 unsuccessful PIN code attempts. I think this is a simplification. If the memory is protected, it is encrypted, likely with AES-256, which is unbreakable (unless there is a backdoor...). Encrypting information is always the easy part. Protecting encryption keys is the hard one. I don't know how iPhones protect encryption keys but I believe the keys are not stored in an external memory. I believe they never leave the application processor. And really "wiping out the contents" of an iPhone means wiping out the encryption key. Without that key and assuming AES-256 holds, even zillions of copies of the external flash would not help. This brings me to an interesting IoT - related observation:...