I am reading this piece about Ray Ozzie’s key escrow proposal in Wired. A few random thoughts. wired.com/story/crypto-w…
1. First off, from a technical PoV this proposal (like most others) implies the existence of some ‘master key to all iPhones’. When that key gets stolen, there’s really no mechanism to detect it. 
2. More critically, Ozzie’s proposal relies on ‘a special chip inside the phone’ that bricks the phone if someone abuses the access mechanism. This is cute. It’s also (at present) a big fat giant elephant in the room.
3. Let’s be more clear about this. All Apple phones have a similar chip inside of them. This chip is designed to prevent people from brute-forcing the passcode by limiting the number of attempts you can make.
At present, every one of these chips appears to be completely broken.
At present, every one of these chips appears to be completely broken.
4. Specifically, there is some (as yet unknown) exploit that can completely bypass the internal protections provided by Apple’s Secure Enclave Processor. So effectively “the chip” Ozzie relies on is now broken. dailymail.co.uk/sciencetech/ar…
5. When you’re proposing a system that will affect the security of a billion Apple devices, and your proposal says “assume a lock nobody can break”, you’d better have some plan for building such a lock.
6. From my perspective, this problem alone is sufficient to make the Ozzie proposal unworkable.
7. ”Hold on,” I hear you cry, “so what if a few government agencies and hackers have a fancy 0day. That doesn’t mean anyone else will get it!”
Have I got a headline for you. motherboard.vice.com/amp/en_us/arti…
Have I got a headline for you. motherboard.vice.com/amp/en_us/arti…
8. So let’s recap. We are going to insert a backdoor into billions of devices. It’s security relies on a chip that is now broken. AND the people who broke that chip MAY HAVE LEAKED THEIR CODE TO EXTORTIONISTS ON THE INTERNET.
9. The extortionists are apparently demanding 2 bitcoins.
10. While this is not personal to Ozzie and I don’t hold him responsible for this, this episode exhibits all the characteristics of ‘crypto backdoor’ proposals since time began.
11. Assumes a security technology with yet-to-be-achieved resilience to attacks (insider and outsider) ✅
This technology is broken ✅
The break is comically accessible even by random criminals, not sophisticated nation state attackers ✅
This technology is broken ✅
The break is comically accessible even by random criminals, not sophisticated nation state attackers ✅
12. And honestly this is a GOOD thing — that a key component of Ozzie’s proposal is being broken in a comical, public, horrifying way. Because other parts will also be broken. We just won’t know.
13. I’m thinking specifically of the ideas that assume we can include a ‘master iPhone decryption key’ inside an HSM and everything will just be fine. Because “people store keys all the time and it’s ok.”
14. (I could go on about Hardware Security Modules for days while sounding like a lunatic. I promise not to. Read this instead.) cryptosense.com/blog/the-untol…
15. (Ok I lied. You might also ask where HSM manufacturers recruit their knowledgeable crypto/security employees. Hint: one of the biggest vendors is located here in Maryland. I assume similar things are true of the non-US manufactures.)
16. (Seriously, LinkedIn is your friend. Also, super nice people! I love you guys.)
17. Leaving hardware aside, the simplest answer to the suggestion that companies like Apple can “easily keep secrets” is that they *haven’t been able to*. Apple had a big stack of source code stolen last Fall. theverge.com/platform/amp/2…
18. While they haven’t turned up, the rumour I’ve heard from the jailbreaking community is that the leaked Apple code also included signing keys. So much for keeping secrets.
19. I would also inquire, without claiming any particular knowledge, whether Cellebrite or GrayKey have any recent Apple iOS engineers on the technical teams that developed their current iOS exploits.
20. This thread has gone on for way too long and I haven’t said half of what I wanted to say. But rather than bother you anymore, I’ll finish up with a quote from @ErrataRob, who sums up my feelings perfectly.
