Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: bert

Wut?


49 posted on 03/13/2016 7:04:07 AM PDT by some tech guy (Stop trying to help, Obama)
[ Post Reply | Private Reply | To 47 | View Replies ]

To: some tech guy; bert
I think bert is saying (and he will correct me if I am wrong) that any authentication-protected content is either secure or it is not. In the small, localized iPhone system there is a separate processor to hold the (single) salt and perform hashing as part of decrypting the AES key. That processor is not accessible to attackers so the authentication cannot be brute forced or bypassed and the content is secured.

In a large system there can be a HSM. Those are typically only used to store keys rather than perform any authentication steps such as salting and hashing. But they can be used for that. And even large systems without HSMs can have strong security for that step, for example storing salts in a separate secure database firewalled from any other system except for the hashing system.

The caveat with the larger systems is they are comprised of general purpose operating systems, with the exception of the HSM. Those OSs can be hijacked or reimaged to provide a back door. Yet they are considered secure and very often are. Attackers are left with social attacks on the human weak link. Thus if those systems can be secured, an iPhone can also be secured.

50 posted on 03/13/2016 8:06:20 AM PDT by palmer (Net "neutrality" = Obama turning the internet over to foreign enemies)
[ Post Reply | Private Reply | To 49 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson