Apple has been served with a court order at the FBI's request, demanding that it assist the government agency with unlocking an iPhone 5C that was used by Syed Rizwan Farook. Farook and his wife, Tashfeen Malik, killed 14 and injured 24 in an attack in San Bernardino, California on December 2, 2015.
In response, Apple CEO Tim Cook said that the FBI was demanding the equivalent of a backdoor and that complying with the FBI's demand would undermine the security of all iPhones.
Whether you call it a "backdoor" or not, it's important to recognize that the ordered changes to the iPhone operating system would not circumvent the core of the iPhone's encryption. The court isn't asking Apple to defeat the encryption in any way. Nor does the court require Apple to create a vulnerability that would jeopardize the security of any other phone. Rather, it's asking Apple to do the one thing that Apple alone can do: use the iPhone's built-in method of installing firmware written by Apple.
The FBI wants to search the iPhone 5C and has been granted permission to do so by the device's owner, the San Bernardino County Department of Public Health (Farook's employer). To perform this search, the FBI needs the device's PIN. Without it, the government has no way of decrypting the iPhone's storage and hence no way of examining any data stored on the device.
The encryption used by the iPhone to protect its storage is a multi-tiered system. At its core are two keys, one embedded in the hardware and the second derived from the PIN. The hardware key is used to generate a file system key that is in turn used to encrypt the file system metadata. That metadata includes an encryption key for each individual file. That per-file key is encrypted using (indirectly) an encryption key that is derived from a combination of the hardware key and the PIN key. As such, without the PIN key, it's impossible to decrypt those per-file keys and hence impossible to decrypt files stored on the iPhone.
Fore More Details at: http://arstechnica.com/apple/2016/02/encryption-isnt-at-stake-the-fbi-knows-apple-already-has-the-desired-key/
No comments:
Post a Comment