You can read through the details yourself if you want:
https://www.apple.com/business/docs/site/iOS_Security_Guide.pdf
The NAND itself is encrypted with AES 256. The passcode is the weak point, but to generate the AES 256 key from the passcode, you need the passcode
and the unique AES 256 key burned into the Secure Enclave on the SOC. The passcode is run through PBKDF2 and then tangled with the AES 256 key in a one-way operation.
So dumping the flash raw means you face AES 256 at full strength, even if you know the passcode, because you also need the AES 256 key from the SOC to be able to recreate the key yourself if you aren't just brute forcing AES.
The fastest way to crack an iPhone is to brute force the passcode and bypass the lockout on attempts if you can. It also gives you the most access to the content.
Individual containers/files can be encrypted with separate keys based on the level of access the OS should have in different states of lock/unlock, on top of the NAND encryption. So if you dump the flash unencrypted, you then also need to crack the containers for things like email and messages which are also AES 256 encryption. All the more reason to focus even more on the passcode and attempt lockout mechanisms.
Apple still manufactures the iPhone 8 and 3rd Gen Air. I wouldn't be surprised if we see manufacturing runs of those that include the patched boot ROM.
