Relevant technical info re Apple iPhone cryptosecurity

[hozer@hozed.org (Troy Benjegerdes)]

On Thu, Feb 25, 2016 at 05:34:08PM -0300, juan wrote:
> On Thu, 25 Feb 2016 13:52:37 -0500
> Steve Kinney <admin@pilobilus.net> wrote:
> 
> > 
> > "These machines have two separate keys integrated into the silicon
> > of their Apple-designed processors at the point of manufacture.
> 
> 
> 	http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html
> 
> 	Hm. So, if you don't have the UID you can't run the key
> 	derivation function. And allegedly the UID is not known to
> 	apple...despite the fact that they (or their foundry) put the
> 	UID into the 'secure' crypto coprocessor...

That's called 'plausible deniability'.

If only the NSA/Mossad/MI5 funded janitorial staff grab the UIDs,
then both the fab and apple can pretend it's not happening.

Seems like the FBI and NSA are having a bad breakup over a little too
much LOVINT.

It seems much cheaper to actually and truly forget the UID once it's
been encapsulated in the chip package, than to risk that you might 
get Snowdened, and leave the spookery up to the spooks.