Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Swordmaker

By passcode, does this include the basic entry to unlock the phone? Or is this hypothetical 16 digit passcode somewhere deeper in the system, or inside some encryption app that then applies to email, etc?


23 posted on 11/03/2015 1:24:11 PM PST by DesertRhino ("I want those feeble minded asses overthrown,,,")
[ Post Reply | Private Reply | To 21 | View Replies ]

To: DesertRhino
By passcode, does this include the basic entry to unlock the phone? Or is this hypothetical 16 digit passcode somewhere deeper in the system, or inside some encryption app that then applies to email, etc?

The passcode is either the four digit number, which will be entangled with the UUID, or now, with iOS 9 which defaults to a six digit passcode, or the user can opt to use a complex alphanumeric/symbolic passcode which can access 223 characters from the keyboard, all of which will be entangled with the UUID. None of which is kept on the device.

If the user opts for just the four digit numeric passcode, the key would be constructed from that number plus the 128 character UUID, making a 132 character key. That is STILL a very difficult key to break. The number of possible keys is 132223. . . a number far larger than a Googol.

Of course, it is much easier for someone to watch the user unlock his device and observe his passcode and note which four digits he uses than to observe and note which sixteen characters he may be using, if he opts for a more complex passcode. Once a crook or cop knows the passcode, there is nothing to stop them from getting in.

The passcode, the key, etc. are converted to a one-way HASH which is stored in the Secure Enclave portion of the Processor. Each time the user enters the passcode, the one-way HASH is recalculated and then compared with what is stored in the Secure Enclave. If it matches, the device is unlocked. The user is allowed five attempts to input the passcode. . . if those five attempts fail, the device is locked and will require use of the owner's AppleID and an unlock signal to be sent from Apple to re-activate the device. The user can also opt to have the device erased completely after a set number of attempts. The user can also remotely erase the device if it is stolen or out of his control.

It the device is openable by the TouchID sensor, the pattern is also kept as a one-way HASH in the Secure Enclave. Incidentally, the TouchID sensor doesn't use the fingerprint, it uses the ridges and the valleys of the fat pads under the epidermis of the finger. No photo or pattern of fingerprints is kept on the device. If the device is not opened for 48 hours, or the device has been turned off, the passcode must be used. Again, if a number of failed attempts is tried, then an AppleID is required to access. . . or the device can be erased.

26 posted on 11/03/2015 1:42:04 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 23 | View Replies ]
To: DesertRhino
By passcode, does this include the basic entry to unlock the phone?

That's exactly what it means. . .

27 posted on 11/03/2015 1:43:18 PM PST by Swordmaker ( This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 23 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson