Some Background Story
The FBI acquired the iPhone of dead terrorist Syed Farook back in December, but it is locked, and the encryption technology on the Apple device prevents them from accessing its contents. The FBI has obtained a court order requiring Apple to create custom firmware that disables key security features and install it on Farook’s iPhone in order to unlock the device.
Apple is refusing to comply, arguing that such iDevice-cracking code is simply too dangerous to create and that, once created, it would be impossible to guarantee it never leaks.
Apple’s CEO Tim Cook has responded to this outrageous court order in his open letter to customers. Cook described the FBI’s actions as an “unprecedented step which threatens the security of our customers.” The government suggests that this tool could only be used once, on the one phone, but that’s simply not true. Once this firmware is created, it could be used by the FBI over and over again, on as many devices as they could get their hands on.
The result has been a week-long dispute between the world’s most profitable company and the USA’s top law enforcement agency.
The government wants Apple to write extra code that could be installed on this device with three key elements:
- Disable or bypass the auto-erase function of iOS: This erases your phone if too many wrong passwords are input.
- Remove the delay on password inputs: This would allow the FBI to bruteforce the passcode on the phone without being locked out for minutes or hours. iOS has this feature in case an iDevice is stolen; it stops the thief from accessing any information on the device once too many password attempts have been made. The time per attempt would be lowered to around 80 milliseconds, which would allow a 4-digit PIN to be bruteforced in under an hour; a passcode with more digits would take much longer.
- Allow the FBI to submit passcodes: Using such methods as the lightning connector port on the phone, Bluetooth or WiFi, passwords could be submitted without user interaction, allowing for the bruteforcing method to be successful.
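To make the 80-millisecond figure concrete, the following added example (not part of the original article) compares exhaustive-search time for several passcode types once the protections are removed against the chance of a correct guess while they are in place. The escalating delay schedule and the 10-attempt erase limit are assumptions chosen for illustration; only the 80 ms cost and the 4-digit case come from the text above.

```python
ATTEMPT_COST_S = 0.080  # per-guess cost quoted in the article

# ASSUMPTION (not from the article): illustrative delays, in seconds, applied
# before the Nth consecutive wrong guess, and an erase limit of 10 wrong guesses.
ASSUMED_DELAY_BEFORE_ATTEMPT_S = {5: 60, 6: 300, 7: 900, 8: 900, 9: 3600}
ASSUMED_ERASE_AFTER = 10


def keyspace(alphabet_size, length):
    """Number of possible passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def worst_case_seconds_unprotected(alphabet_size, length):
    """Time to try every passcode when only the per-guess cost remains."""
    return keyspace(alphabet_size, length) * ATTEMPT_COST_S


def guess_chance_protected(alphabet_size, length):
    """Chance of hitting the passcode before the assumed erase limit."""
    return min(1.0, ASSUMED_ERASE_AFTER / keyspace(alphabet_size, length))


def seconds_until_erase():
    """Wall-clock time used up by the guesses allowed before erase."""
    delays = sum(ASSUMED_DELAY_BEFORE_ATTEMPT_S.get(n, 0)
                 for n in range(1, ASSUMED_ERASE_AFTER + 1))
    return delays + ASSUMED_ERASE_AFTER * ATTEMPT_COST_S


def human(seconds):
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    cases = {"4-digit PIN": (10, 4), "6-digit PIN": (10, 6),
             "6-char lowercase+digits": (36, 6)}
    for label, (alphabet, length) in cases.items():
        total = worst_case_seconds_unprotected(alphabet, length)
        chance = guess_chance_protected(alphabet, length)
        print(f"{label}: {human(total)} to exhaust unprotected; "
              f"{chance:.4%} guess chance with protections on")
```

The gap between the two columns is the point of the list above: with the limits in place a 4-digit PIN holds, and without them only passcode length and alphabet size stand between the data and an exhaustive search.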
If the FBI gains access to a code payload that disables all of the above security features, they would have access to iDevices just as a master key would unlock all of a manufacturer's safes. If the backdoor were to be accidentally or intentionally leaked, hackers would have the ability to unlock iPhones willy-nilly without any security blocks or consequences. This would be devastating to Apple's reputation for having ultra-secure devices.
All Writs Act
The All Writs Act is a United States federal statute that authorizes US federal courts to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.” The US federal government has been referring to this Act to gain access to password-protected mobile phones in cases such as this terrorism investigation.
The All Writs Act, passed in 1789 (yes, a 2 1/4-century-old law), is being used to force Apple to comply. If the Act succeeds in forcing Apple to comply, it would significantly weaken Apple’s products, and their security will likely be at the core of Apple’s defense when this gets to the courts.
The Secure Enclave and the Proposed Solution
There is a section on all iDevice processors, iPhone 5S and later, called the Secure Enclave.
Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of the chip and the rest of iOS. Therefore, iOS and other apps never access your fingerprint data, it’s never stored on Apple servers, and it’s never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can’t be used to match against other fingerprint databases.
Apple. 2015. About Touch ID security on iPhone and iPad. Retrieved March 18, 2016, from https://support.apple.com/en-us/HT204587.
The iPhone 5s’s A7 processor is based on the ARMv8 processor, developed by ARM Limited. Apple needed a processor with dedicated hardware to secure important information such as the biometrics of Touch ID. ARMv8 has a specialised subprocessor that secures peripherals such as secure memory, crypto blocks, keyboard, screen and sensors, to ensure they can be protected from software attack. This is exactly what Apple needed for holding biometric data and keeping it from being accessed via software to unlock a phone without authorisation.
I believe a possible method to resolve this issue would be for Apple to hold a single physical device that could be connected to an iDevice to unlock it. The Secure Enclave of every device released from now on could have an exception to allow this device to unlock it. If only Apple has this device, only Apple could decide when to use it and would be its sole user. This would prevent the possibility of code being leaked and used by hackers, and would allow Apple to choose when its use was necessary.
Problem solved? Let me know in the comments what you think about my proposed solution, or post your own ideas for potential solutions down below.
This is Daniel Jochem, signing out.