Stronger Cryptography for You, Courtesy of Apple


On technologyreview.com, Simson L. Garfinkel has posted a look at the cryptographic features built into iOS. Over the last few years, Apple has successfully introduced strong encryption to the general public, causing all sorts of bellyaches for forensic analysts.

Now, with Apple's more sophisticated approach to encryption, investigators who want to examine data on a phone have to try every possible PIN. Examiners perform these so-called brute-force attacks with special software, because the iPhone can be programmed to wipe itself if the wrong PIN is provided more than 10 times in a row. This software must be run on the iPhone itself, limiting the guessing speed to 80 milliseconds per PIN. Trying all four-digit PINs therefore requires no more than 800 seconds, a little more than 13 minutes. However, if the user chooses a six-digit PIN, the maximum time required would be 22 hours; a nine-digit PIN would require 2.5 years, and a 10-digit PIN would take 25 years. That's good enough for most corporate secrets—and probably good enough for most criminals as well.

This is a good time to remind you that with Mobile Device Management, you can set policies for minimum PIN length and complexity.
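
To turn the quoted timing figures into a policy setting, the following added example (not from the article or from Apple) sizes minLength for a target worst-case guessing time at 80 ms per guess and emits a passcode payload dictionary. The two-year target, the 36-symbol alphabet, and the payload identifier and UUID are assumptions or placeholders.

```python
import plistlib

GUESS_MS = 80  # on-device guessing rate quoted in the article


def worst_case_seconds(length, alphabet=10):
    """Seconds needed to try every passcode of exactly `length` symbols."""
    return alphabet ** length * GUESS_MS / 1000


def min_length_for(target_seconds, alphabet=10):
    """Smallest length whose full keyspace takes at least target_seconds."""
    length = 1
    while worst_case_seconds(length, alphabet) < target_seconds:
        length += 1
    return length


def passcode_payload(target_seconds, alphanumeric=False):
    """Passcode-policy payload (Apple configuration profile keys)."""
    # Assumption: alphanumeric users pick from digits plus one letter case.
    alphabet = 36 if alphanumeric else 10
    return {
        "PayloadType": "com.apple.mobiledevice.passwordpolicy",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.passcode",            # placeholder
        "PayloadUUID": "00000000-0000-0000-0000-000000000000",  # placeholder
        "PayloadDisplayName": "Passcode policy (example)",
        "forcePIN": True,
        "allowSimple": False,  # reject repeating or sequential passcodes
        "requireAlphanumeric": alphanumeric,
        "minLength": min_length_for(target_seconds, alphabet),
        # The wipe-after-10-failures setting the article mentions; the
        # on-device guessing it describes is bounded by length, not by this.
        "maxFailedAttempts": 10,
    }


if __name__ == "__main__":
    two_years = 2 * 365 * 24 * 3600  # assumed policy target
    for digits in (4, 6, 9, 10):
        print(digits, "digits:", worst_case_seconds(digits), "seconds")
    print(plistlib.dumps(passcode_payload(two_years)).decode())
```
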

mbernier

Joined: May 19, 2011

And not only PIN codes, but complex passwords with a minimum of complex characters, time to live, history, etc.

Everything you could find in a traditional GPO in a Windows domain.
