Relevant technical info re Apple iPhone cryptosecurity

[juan]

On Thu, 25 Feb 2016 13:52:37 -0500
Steve Kinney <admin at pilobilus.net> wrote:

> 
> "These machines have two separate keys integrated into the silicon
> of their Apple-designed processors at the point of manufacture.


	http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html

	Hm. So, if you don't have the UID you can't run the key
	derivation function. And allegedly the UID is not known to
	apple...despite the fact that they (or their foundry) put the
	UID into the 'secure' crypto coprocessor...

`


> The two, paired together, are used to encrypt data and software
> stored on iPhones and iPads. One, the User ID, is unique to an
> individual’s phone, and is not retained by Apple. That key is
> vital to protecting an individual’s data and — particularly on
> Apple’s latest devices — difficult to steal. A second key, the
> Group ID, is known to Apple and is the same across multiple Apple
> devices that use the same processor. The GID is used to encrypt
> essential system software that runs on Apple’s mobile devices."
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (GNU/Linux)
> 
> iQIcBAEBAgAGBQJWz010AAoJEDZ0Gg87KR0LE78QAIUPc8cfT7wkWUKuY1XcpewY
> FyuFOM2feDiQDcLCxDk0jgGISS+0G3V7lK+JRoN83LPrd0WiXKi2Ermp2VKMNkN/
> G4FMTVkLE6b3VJ0yPYOjXGR0kFg8pHmBsxn6TTeHkefe7sNMijaq9lXaIQqRXqBA
> xXfyKGzbEwUaQW7AZB0gpS51HVMFA/NJpeGkfiJ/HxzQOHU8BoyXKHqvTEPryQEG
> wvncgg16w3NRIlpYP4RAbYCyqwAGZQ9wt98bZbl74zQO4oIm6a2eUVKpdu80ymk6
> KKZXWO/28ujZ+Tdya5dppso1QheY4UUIkTfaExAsJZTVCZQA3Or6DCXKpt8w2+kv
> 0OxpfQ3XdSMfPZVwijvPIzp/qrD3cbyoOc4eUQWe7fQ8YaVZyiLtggH0ZT07XFiB
> BQ/gC3bAg2HHN01BhGMMQ84MwHTtqHyQJsxSWaQn2IK0hsAe1391Xk1yF23luw5/
> TMuLXJ0GKDMMlT8CAdn3lpMzwG2mbU9igKmR9sZyz7jTRx710pCvxZOdfi4Ld0ru
> eNNguLdWg14iYFFkZqSj4qxwkscnhPT3Uub0Yh4MnTVa6Yh7Ud4Dw11x0+43HqO8
> 96cqArs8Hx9qj+7czaK73uRBerVYicfZwtwsmLOeDpUhFv3CEhC+t3X7T0al3sv6
> 185sCwU15KQpcsii4r9R
> =tvGR
> -----END PGP SIGNATURE-----