Monday, August 10, 2009

iPhone 3GS Hardware Encryption Easy to Circumvent

Via Tidbits.com -

A mere three days after I published an article touting the enhanced security of the iPhone 3GS - see "iPhone 3GS Offers Enterprise-Class Security for Everyone", 2009-07-20 - security researcher Jonathan Zdziarski revealed a simple, only moderately technical technique for completely circumventing the iPhone's passcode lock and encryption. As a result, the iPhone 3GS encryption can no longer be considered a security control for consumers or enterprises until Apple releases a fix.

Although encryption is one of the most fundamental tools available in the security arsenal, it can be difficult to implement properly. In this case, it isn't that the encryption itself is flawed (although that happens), but that the implementation of the encryption leaves cracks for attackers.

Implementation issues that can hamper encryption security include generating keys improperly, protecting them poorly, exchanging them insecurely - and even leaving doors wide open such that the encryption can be sidestepped entirely. Issues like these have allowed exploits against WEP (Wired Equivalent Privacy) in Wi-Fi (which also had cryptographic flaws), early SSL implementations in Web browsers, and stored passwords in most major operating systems.

It appears that Apple made a fundamental mistake in encrypting the iPhone 3GS. It's a mistake we've seen before in other tools, but one Apple has managed to avoid elsewhere, such as Mac OS X's FileVault.
