Yesterday we heard that a team of Russian forensic experts had managed to crack the encryption on the iPhone 4, and now the same forensic experts behind Russian security firm ElcomSoft have released a set of tools for cracking the encryption on Apple’s iOS devices.
The software comes in two parts, a password breaker, and another part which is able to extract numbers used for the encryption keys for iOS devices, which is used to decrypt images on iOS devices,the software will apparently only be available for law enforcement and forensic agencies.
ElcomSoft Co. Ltd. offers the complete toolkit for performing forensic analysis of encrypted user data stored in certain iPhone/iPad/iPod devices running iOS 4.x. The toolkit allows eligible customers acquiring bit-to-bit images of devices’ file systems, extracting phone secrets (passcodes, passwords, and encryption keys) and decrypting the file system dump. Access to most information is provided in real-time.
Updated 25th May 2011.
We just got an email from Vladimir Katlov, the CEO of ElcomSoft, to let us know that they didn’t actually crack the encryption on the iPhone 4, instead they found a way to extract the encryption keys from the iPhone, you can see the full details below.
Further, we never broke the encryption — being AES-256, it is not breakable. We have just found the way to extract the encryption keys from the device, and also break the passcode (it is mandatory because the encryption relies on it). Also, it is possible to decrypt the data even without the passcode, if one have a physical access to the computer the iPhone has been connected to (at least once), even without syncing — in that case, there are so-called “escrow keys” available.
Source Ars Technica