The Technology Review is out with a feature piece on Apple’s iPhone noting that the revolutionary smartphone introduced by Steve Jobs in 2007 has evolved significantly from a security standpoint.
Titled “The iPhone Has Passed a Key Security Threshold,” the analysis looks at Apple's security architecture which has been deemed sturdy enough that it can now be used for mobile payments “which bring Apple significant revenue in the form of commissions.”
“At the heart of Apple's security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001,” reads the piece.
“After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key.”
AES-256 is now used by the National Security Agency (NSA) for storing top-secret data.
However, the iPhone’s strong security sometimes poses problems too. These emerge when forensic detectives are tasked with having to recover information from a handset.
Amber Schroader, CEO of Paraben, a supplier of forensic software, hardware, and services, explains that, “There are a lot of issues when it comes to extracting data from iOS devices. We have had many civil cases we have not been able to process ... for discovery because of encryption blocking us.”
The problem arises when an investigator is tasked with having to try to recover data from an iPhone that has been powered off. When the iPhone is turned off, the copy of the encryption key in the accessible memory is erased.
“That is why an investigator who gets a suspect's phone would have to try all possible keys—the task deemed impossible by the NSA,” says the report.