Earlier this year, the New York Times ran a story claiming that almost every law enforcement agency in America was able to break into your phone.
A new report from Matthew Green, teacher of cryptography at Johns Hopkins, and his students, Max Zinkus, and Tushar Jois details what they?ve found. ?Authorities don?t need to break encryption in most cases, because modern phone encryption sort of sucks.?
Lots of people have wanted to break into phones.
There were reports that schools (schools!) were buying Cellebrite devices in order to break into student?s phones. (Schools should never have this capability. Ever.)
And the ACLU is suing the FBI over their breaking into encrypted phones.
If it?s true that phones are secured, and it?s equally true that many law enforcement agencies are breaking into phones with passcodes, phones that claim to encrypt our most sensitive data, that leaves one question:
How are they doing it?
Generally, jailbreak or other efforts need to be used to access the iPhone?s storage and memory.
There are Jailbreak and software exploits to access a phone?s data. Jailbreaks are usually used by consumers to run apps that aren?t on app stores, or modify the phone to personalize it. But they?re also used by third parties to bypass security and extract data from locked devices.
Local device data extraction is done over the USB port, using devices like Cellebrite?s, or tools from Elcomsoft.
Cloud data extraction is largely done by subpoenaing cloud providers for data stored on their servers. Apple, Dropbox, Facebook, and more can all be subpoenaed.
Here?s what Matthew Green, Max Zinkus and Tushar Jois found:
- Apple is kind of vague about what information is encrypted, and it appears that Apple encrypts less than they did in 2012.
- There are two states to the iPhone: Before First Unlock and After First Unlock.
- Security After First Unlock (99% of the time for your phone) is greatly reduced: only one of the keys that encrypt your phone is thrown away when you press the home button to lock the phone. The rest remain in memory.
Apple says that the
- Mail app database (including attachments)
- managed books
- Safari bookmarks
- App launch images
- Location data
Are protected by the user?s passcode on the device. Separately from those,
- Calendar excluding attachments
All implement the data protection protected until First User Authentication. That is, these are protected strongly only Before First Unlock.
In 2012, Apple stated that Mail, App Launch images, and Location Data were protected using the strongest encryption, called Complete Protection, and the key for these was discarded after a user locked their device. That?s more serious than what Apple says they?re protecting today.
What are the levels of protection Apple uses?
The types of protection Apple offers:
- Complete Protection: Encryption keys are thrown out after device lock (within 10 seconds)
- Protected Unless Open: (PUO allows files to be created and encrypted while the phone is locked, but only decrypted with the phone is unlocked. There?s a key kept in memory to make this possible.
- After First Unlock: Encryption keys are decrypted into memory when the device asks the user for the passcode for the first time. They remain in memory when the device is locked.
- No Protection: keys are encrypted by the hardware UID, not the passcode. These keys are always available in memory.
The researchers guess that Apple weakened protections on location data so that location-based reminders might work.
But what?s problematic is, data with the highest value to law enforcement has the weakest protection. Photos, texts, notes, and some location data.
One possible explanation for why it?s like this is, when everything is encrypted, it makes it difficult-to-impossible for applications to do things in the background for you.
What about Emergency SOS?
There is one other mode besides Before First Unlock and After First Unlock:
Cop Mode. Emergency mode is started by holding power and a volume button at the same time. Doing this and not calling emergency services will cause the iPhone to require the passcode, similar to Before First Unlock.
Emergency mode does the following to protect you:
- disables touch or Face ID
- Disables data on the USB port, which makes traditional methods of data recovery useless
It may not be a full return to the Before First Unlock state, but it definitely protects the phone against some attacks. Notably different from the Before First Unlock state is that the phone remains on Wi-Fi.
If you want it to work without calling emergency services, go to Settings, Emergency SOS, and toggle off Auto-call.
That?s nice for iPhone, what about Android?
That?s iPhone. Android is somewhat similar, in that Android devices use four methods to protect user data:
- user authentication
- Runtime verification
- Data encryption
- And application sandboxing.
There are two forms of data encryption on an Android phone: full-disk encryption, and file-based encryption.
There is a mode in Android similar to iPhone?s SOS mode. To enable Android?s Lockdown mode, go to Settings, Display, Advanced. At the bottom left, tap Lock Screen Display. Under ?what to show?, toggle Show Lockdown.
To enable Android?s lockdown mode, hold down the power button to open the power menu, and tap the padlock icon. When lockdown is enabled, Face Unlock will stop working, and you?ll need to use a pin or password. Smart Unlock will also be disabled.
What?s the final word on this
If you want to protect your phone, use a strong 10 digit passcode. If you think your phone may be taken by law enforcement and you want to protect your data, power it off. As a second-best, use Lockdown Mode or Emergency SOS mode, which will protect it somewhat, by disabling the USB port.
The security researcher?s report also covers more details than we have here, and talks in depth about cloud backups and Android. We?ll cover these kinds of details soon. To read the whole paper, go to securephones.io/main.pdf.