A Russian software forensics firm has reported that it cracked the encryption on an iPhone, though it requires physical possession of the device.
Elcomsoft, which provides password recovery software and security audits, said it was able to decrypt an image of the data on iOS 4 devices. But the firm said it could only do so if it had the iPhone or iPad itself, as some of the encryption keys are stored in the hardware.
Apple uses the Advanced Encryption Standard with a 256-bit key. A key of that length is usually considered strong enough that even law-enforcement agencies would have trouble breaking it. A brute-force attack, which tries every possible key, would take even the fastest computer billions of years.
On the company's blog, Vladimir Katalov, CEO of Elcomsoft, wrote that earlier versions of iOS allowed some of the information on an iPhone to be backed up onto a user's personal computer via iTunes. iOS 4 solved part of the problem by allowing for hardware-based encryption of user data stored on iPhones as well as iPads and iPod Touch models. In addition, the files on the device are encrypted with a key unique to that device. Some files are also protected with an encryption key that is tied to both the device and the user's passcode.
"This time around it's not about iPhone backups," said Katalov in a statement. "Backups created with iTunes software already contain a lot of data, but not quite everything that's being stored or cached in iPhone devices. In contrast, we were able to break into the heart of iPhone data encryption, providing our customers with full access to all information stored in iPhone devices running iOS 4."
Elcomsoft says it will only sell the software (and the method) to law enforcement or government agencies.