Data encryption is readily available. There are at least 60 software applications that provide military grade (256bit AES) encryption, many of them free. These are not controllable by the Chinese or any government. This is the same encryption method that the NSA uses to keep our secret data secret. If Apple were forced to build a back-door into their encryption, users who want their data and financial info secure would likely switch their encryption to one of these others. Apple's approach using the Secure Enclave adds some defense to brute force attacks. Basically this is what the FBI wanted from Apple. They wanted Apple to eliminate the iPhone's ability to erase the data after a certain number of failed attempts. They also wanted a method to speed up the brute-force hack attempts. How long is your encryption key? Using the fastest super computers to attempt a brute-force crack on an encryption key could take years if you have chosen a very long key. The number of possible keys goes up exponentially with each added character in your key. Of course, if you are in China and choose not to give up your encryption key to the government, you may disappear forever.
- Last Active
Some math for those interested in these things. Last I looked into this there were 77 possible options to use for each character in an IOS passcode. 26UC, 26LC, + 10 numbers + 15 special ASCII printable characters. To determine the possibilities you multiply 77 times itself for the number of characters in the passcode.
According to this article it now takes the FBI 18 seconds per brute force attempt to hack the new Apple IOS. Frankly, I think FBI's Flatley misspoke as the length of time needed increases exponentially as the number of characters in the passcode increases. I also suspect accuracy of the 18 seconds per attempt quoted.
6 character passcode = 208,422,380,089 permutations (77x77x77x77x77x77)
@ 18 seconds per attempt would take 7,137,752.7 years to try every code. 50% of the time the hack could take half as long or 3,568,876.4 years.
@ 45 attempts/sec = 8,803.2 years to try every code. 50% of the time the hack could take half as long or 4,401.6 years.
12 character passcode = 43,439,888,521,963,600,000,000 permutations (77x77x77x77x77x77x77x77x77x77x77x77)
@ 18 seconds per attempt would take 1,487,667,415,135,740,000 years to try every code. 50% of the time the hack could take half as long or 743,833,707,567,870,000 years.
@ 45 attempts/sec = 1,834,789,812,000,750 years to try every code. 50% of the time the hack could take half as long or 917,394,906,000,373 years.
So even without Apple's enhanced security improvement you can thwart the brute force hacks by using a long and complex passcode. It is possible that the FBI or other highly funded organization could set up multiple hacking stations to run simultaneously. Apple also gives us the option to erase after 10 failed attempts.
Long passcodes using special characters with no logical meaning are good insurance against this brute force method of attack.