Armed with only a 1GHz mixed-signal oscilloscope and an 500MHz logic analyser, the researcher manages to decipher the protocols.
An astute reader alerted me to a paper authored by Sergei Skorobogatov, Senior Research Associate at the University of Cambridge Computer Laboratory. I contacted Skorobogatov by email, who gave me permission to reference his paper, “The bumpy road towards iPhone 5c NAND mirroring.” Mirroring, in this case, is a synonym for duplicating, and NAND refers to the specific flash memory technology.
So how did he crack the phone with the given UID issue? In retrospect, it was obvious: he used the original iPhone. He disassembled the phone, built a connectorised daughter board holding the flash memory, and then tested six passwords until powering down, swapping memory boards, and then powering up. The new board, which was a duplicate of the flash memory before any password attempts, also stored the password counter. The phone thought, once again, that no passwords had yet been attempted. Skorobogatov would try six more codes, and swap again with another newly programmed memory board. At this point the procedure continues until the correct password is entered and the phone unlocks.
Figure 1: This shows the electrically hacked iPhone 5c ready for assembly. (Source: University of Cambridge Computer Laboratory)
Figure 2: This is a fully assembled hacked version of the iPhone 5c. Assembly below phone is pluggable flash memory. These assemblies are rotated after every six passcode attempts (a 45 second cycle) until the correct passcode is entered. Skorobogatov estimated that all four-digit passcodes could be entered in 20 hours, while six digit passcodes may require three months. (Source: University of Cambridge Computer Laboratory)
The reason Skorobogatov rotated the memory boards after six attempts, not 10, was that the phone would become locked, inserting increasing delays between password attempts. After six attempts, the delay was one minute, a longer time than merely performing another memory swapping process.
And, yes, test and measurement equipment was vital to Skorobogatov’s task. Skorobogatov’s paper is an interesting account of his efforts to decipher Apple’s largely undocumented protocols and duplicate the flash memory. Armed with only an Agilent MSO8104A 1GHz mixed-signal oscilloscope and an NCI GoLogic 500MHz logic analyser, Skorobogatov was able to not only decipher the protocols, but to debug some pretty nasty signal integrity issues in the hacked iPhone, now that it had a daughter board with connectors hovering above it.
Remarkably enough, the FBI had dismissed this technique. The FBI had used the 1789 All Writs Act to compel Apple’s aid in hacking the phone. A key criterion of the All Writs Act is that there is no other way to extract the needed evidence.
At a congressional hearing in early March of this year, Rep. Darrel Issa questioned FBI Director Comey on whether they had, indeed, exhausted all alternatives: “Does the 5c have non-volatile memory in which all of the encrypted data and the selection switches for the phone settings are all located in that encrypted data?” he asked. When Comey said he didn’t know, Issa answered his own question. “It does. That means that you can, in fact, remove from the phone all of its memory– all of its non-volatile memory, its disk drive, if you will–and set it over here and have a true copy of it that you could conduct an infinite number of attacks on.” That is probably the most technical discussion I have ever heard at a congressional hearing.
Now, with Sergei Skorobogatov’s research and paper, we know it can be done.