iPhone Full-Disk Encryption on Mobile?

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
Does the conception of Ful-Disk Encryption (e.g. FileVault2) exist on mobile devices?

I use my iPhone 6S Plus as a camera for field reporting, and am looking for ways to secure my photos and videos from, say, the police.

(Am asking here, since most of the "smarties" are in this forum!) ;-)
 

mfram

macrumors 65816
Jan 23, 2010
1,064
142
San Diego, CA USA
Yes, this already happens on recent versions of iOS. It's the default. But it's only as strong as the passcode or passphrase on your device. Be sure to choose a long passphrase to secure your device or it doesn't do any good.
 
Last edited by a moderator:

gnasher729

macrumors P6
Nov 25, 2005
16,982
3,897
Does the conception of Ful-Disk Encryption (e.g. FileVault2) exist on mobile devices?

I use my iPhone 6S Plus as a camera for field reporting, and am looking for ways to secure my photos and videos from, say, the police.

(Am asking here, since most of the "smarties" are in this forum!) ;-)
Everything on your iPhone is stored encrypted. It's not just full disk encryption, it is actually every single file encrypted with a different key, so if the NSA spends $100,000,000 to decrypt one file, they have no way to decrypt the next file with the same amount of money.

There is a masterkey which is derived from (a) a 256 bit key built into the CPU, and not accessible from the outside, (b) another randomly generated 256 bit key stored on your flash drive, and (c) your passcode.

Deriving the masterkey from the given data can only be done on your iPhone, because of the key built into the CPU, and takes about 80ms. There are measures that should prevent someone from just trying all possible keys, but someone might get around them. Nobody can get around the 80ms to test one passcode. An 8 digit passcode will take months to crack even if someone gets around all the security of the phone, a 10 digit passcode will take years.
 
  • Like
Reactions: Namara and satcomer

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
Everything on your iPhone is stored encrypted. It's not just full disk encryption, it is actually every single file encrypted with a different key, so if the NSA spends $100,000,000 to decrypt one file, they have no way to decrypt the next file with the same amount of money.
Just to be clear, I know *nothing* about smart-phones - I just use my iPhone as a pocket camera/video-recorder.

So you're telling me that if my iPhone 6S Plus had a passcode on it, and someone booted it up, that they would be unable to scan the hard-drive (?) and make out the meaning of any file or preferences or history or anything?


There is a masterkey which is derived from (a) a 256 bit key built into the CPU, and not accessible from the outside, (b) another randomly generated 256 bit key stored on your flash drive, and (c) your passcode.
When you say "flash drive" I think of a USB thumb-drive. I guess you mean the "hard-drive" of my iPhone?

How long can a passcode be?

Can it use all keys from the keyboard (?) of your iPhone?


Deriving the masterkey from the given data can only be done on your iPhone, because of the key built into the CPU, and takes about 80ms. There are measures that should prevent someone from just trying all possible keys, but someone might get around them. Nobody can get around the 80ms to test one passcode. An 8 digit passcode will take months to crack even if someone gets around all the security of the phone, a 10 digit passcode will take years.
So you're saying that an iPhone out-of-the-box - or at least with a certain version of iOS is basically "uncrackable" by default?

(Fwiw, I am asking about this - and other things to follow - because I want to learn more about protecting myself and the photos and videos I might take with my iPhone - esepcially if say i was documenting a protest with the police there and doing things that shouldn't be. But really, I need that protection in many situations as a budding journalist!)
 

DeltaMac

macrumors G4
Jul 30, 2003
10,286
2,702
Delaware
"How long can a passcode be?"
Do you really want to limit your passcode/passphrase to just "all keys from the keyboard"?

I have seen youtube videos purporting to show iOS login passphrases with more than 100 alphanumeric characters.
That should mean using the full keyset several times over.
(Not sure why you would want to do that, but seems possible. I would think that with 256-bit encryption, then 255 alphanumeric characters should be a good test.)
Memorizing that passphrase would be like memorizing the names and ages of all your wife's family
 

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
"How long can a passcode be?"
Do you really want to limit your passcode/passphrase to just "all keys from the keyboard"?
What are you saying? Using keys that are not on the keyboard?!


I have seen youtube videos purporting to show iOS login passphrases with more than 100 alphanumeric characters.
That should mean using the full keyset several times over.
I thought just a few years ago Apple made the huge jump from 4-digt passcodes to 6-digit passcodes?

Apparently they have opened up the passcode length in recent times?


(Not sure why you would want to do that, but seems possible. I would think that with 256-bit encryption, then 255 alphanumeric characters should be a good test.)
Not sure who would want to do what?


Memorizing that passphrase would be like memorizing the names and ages of all your wife's family
100 charater passcodes would be overkill. But an 8-15 character passcode would be much more secure than a 4 or 6-digit one. And if you can you letters and special characters - like on a computer - then going with a 15-30 character set up would be really secure.
 

DeltaMac

macrumors G4
Jul 30, 2003
10,286
2,702
Delaware
Yes, I think passcodes could go beyond 6 characters since iOS 9 (?), so probably for the last 5 years or so.
I just meant that you can use (all) the keys more than just once, if you feel the need for a nice, complex (ultra-long)passphrase.
Try it for yourself - Settings/ (~)Passcode/Change Passcode, then click Passcode Options, where you can go "Custom numeric" or "Custom Alphanumeric Code" (the most fun choice, I think!)
Again, not sure what the upper limit might be, but at least a few hundred characters. Let us know how you get on with that!
I will bet that once you get beyond 15 characters or so, that nothing in the normal universe of "code-crackers" will get to your pix.
 

HDFan

macrumors 68020
Jun 30, 2007
2,275
606
I use my iPhone 6S Plus as a camera for field reporting, and am looking for ways to secure my photos and videos from, say, the police.
There is no way to guarantee that actors may not be able to access your phone. A well-funded state entity gets access, apple makes changes to block them, the actor changes technique. Changes on a day to day basis.

Murky area - no way to know just what the current status is as the companies which do this charge huge sums for their techniques/hardware and aren't going to place newspaper ads.

My guess is that unlocking a phone is very expensive. Unless you are a very high priority target likely won't happen.

 

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
Yes, I think passcodes could go beyond 6 characters since iOS 9 (?), so probably for the last 5 years or so.
I just unboxed my iPhone last year after leaving it sit unopened in my closet for 3 years...

So I have no clue about smartphones or what is happening with them.


I just meant that you can use (all) the keys more than just once, if you feel the need for a nice, complex (ultra-long)passphrase.
Okay.


Try it for yourself - Settings/ (~)Passcode/Change Passcode, then click Passcode Options, where you can go "Custom numeric" or "Custom Alphanumeric Code" (the most fun choice, I think!)
One downside of using a passcode is that if you have to take a qucik snapshot, then you'll likely miss it by the time you log in...

Right now my iPhone has no password - just point-and-shoot which is still often too slow for me. :-(


Again, not sure what the upper limit might be, but at least a few hundred characters. Let us know how you get on with that!

I will bet that once you get beyond 15 characters or so, that nothing in the normal universe of "code-crackers" will get to your pix.
I agree that anything over 15 characters has deminishing returns. (Well, for my Mac, I'd say 30 characters, since I use "pass-phrases".)
 

DeltaMac

macrumors G4
Jul 30, 2003
10,286
2,702
Delaware
But, no need to you to use the passphrase, particularly if you want to be ready for pictures. You would quickly unlock your iPhone with FaceID, or on older models, TouchID. Opens up about as fast as you can take it out, bring it into position, and shoot... re-lock when you are done. Wouldn't take much longer than what you just read ...
And, those features won't work if someone else (not you) wants to log in to your iPhone. The passcode/passphrase would be needed then.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
48,546
17,191
One downside of using a passcode is that if you have to take a qucik snapshot, then you'll likely miss it by the time you log in...

Right now my iPhone has no password - just point-and-shoot which is still often too slow for me. :-(
Camera is accessible when the phone is locked. Depending on the phone model there's either a camera shortcut button on the lock screen that you can press or you can swipe right on the lock screen to access the camera quickly.

That aside you can usually have Touch ID or Face ID (depending on the device) enabled which makes unlocking something that can be done pretty quick.
 
  • Like
Reactions: DeltaMac

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
There is no way to guarantee that actors may not be able to access your phone. A well-funded state entity gets access, apple makes changes to block them, the actor changes technique. Changes on a day to day basis.
So just to confirm... Out of the box, iPhones encrypt every file on your SSD the moment you add a passcode?

There is no enabling the equivalent of full=disk encryption - it just happens by default when you add a passcode?

If so, why doesn't Apple do that with macOS?


Murky area - no way to know just what the current status is as the companies which do this charge huge sums for their techniques/hardware and aren't going to place newspaper ads.

My guess is that unlocking a phone is very expensive. Unless you are a very high priority target likely won't happen.

Thanks for the article!! Scary how you are never truly 100% safe... :oops:

Do you think it was a case of a weak passcode, or do "the bad guys" now have a leg up on the battle for privacy and security?
 

zorinlynx

macrumors 603
May 31, 2007
6,051
8,565
Florida, USA
So just to confirm... Out of the box, iPhones encrypt every file on your SSD the moment you add a passcode?
The filesystem on the iPhone is encrypted from the start, passcode or not. The decryption key is then encrypted with your passcode and various other hashes.

Keeping your data secure is one reason; the other reason is so that when you wipe a device, the whole of the phone storage doesn't have to be overwritten to remove your data. Instead, iOS simply trashes the encryption keys.
 

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
But, no need to you to use the passphrase, particularly if you want to be ready for pictures. You would quickly unlock your iPhone with FaceID, or on older models, TouchID. Opens up about as fast as you can take it out, bring it into position, and shoot... re-lock when you are done. Wouldn't take much longer than what you just read ...
And, those features won't work if someone else (not you) wants to log in to your iPhone. The passcode/passphrase would be needed then.
@DeltaMac,

Hang on, you lost me...

My goal is to start better protecting the information on my iPhone - as I have no security right now!

This would mostly be photos and videos.

Who am I protecting it from?

Well, I am a budding investigative reporter/photo-journalist, and am on the lookout for companies and the gov't (including law enforcement) doing bad things.

So, for instance, if I was shooting a protest where law enforcement was starting to get "rough" with people, and I shot some photos/video, and then was confronte by l.e. demanding to see the footage, moving forward, I need a way to 100% guarantee that they cannot access my footage should they grab the phone out pf my hands.

How would face id or a fingerprint help me?

You can *force* someone to unlock their phone by shoving their face or finger in front of the iPhone and unlocking it, right?

You can also lift people's fingerprints from things like a coffee cup and use that to get in.

But with a passcode, you'd either have to guess it, or force me to give it to you. (Torture can be effective in this case, but let's go wild, assume that Trump's autocracy falls in November, and *hope* the U.S. doesn't turn into that - although we are kinda lready there?!)

The downside of a passcode, though, is by the time I type in my 100-digit passcode, :) getting a picture of some breaking news might be long gone?!

So how can I have the best of both worlds?

I love my iPhone as a field camera/video-camera, but I already struggle to get it to react fast enough to situations even WITHOUT a passcode on it.

By the time I pull it out of my front pocket, click twice on the round button on the front to get it to wake up, then often have to click on the Photos button, maybe have to select "Photo" to get the camera, pull it up and shoot, I have easily lost 1-3 seconds and often the moment is gone... :(

(On side note, I wish there was a way to make my iPhone like a digital SLR where it is literally "point-and-shoot", but I haven't figured out how to do that...)

Hope that helps to better explain my end goals.

Thanks.
 

DeltaMac

macrumors G4
Jul 30, 2003
10,286
2,702
Delaware
But, you don't need to unlock your iPhone just to take a picture/video.
You would unlock to view or transfer pictures/video.

But, sounds like you expect that your picture-taking will likely end badly. Maybe an iPhone is not your best choice for "in the action" photos, eh?

"100% guarantee that "they" cannot access your footage"? Maybe a "self-destruct" accessory that will destroy your phone if it is pulled from your hands. Probably not too hard to rig that up with a wrist lanyard, connected to some kind of flash pack. If the two are separated, it goes off. That would be pretty secure :D
 

Texas_Toast

macrumors 65816
Original poster
Feb 6, 2016
1,305
206
Texas
@DeltaMac,

But, you don't need to unlock your iPhone just to take a picture/video.
You would unlock to view or transfer pictures/video.
Pardon my ignorance, but how can you take a picture if your phoe is locked?


But, sounds like you expect that your picture-taking will likely end badly. Maybe an iPhone is not your best choice for "in the action" photos, eh?
Not so far, but after the whole George Floyd thing - plus like every other article I read online from sources like the NYT and WP - it feels mor elike we live in Beijing than Kansas!

What are you suggesting if you don't think an iPhone is the best choice?


"100% guarantee that "they" cannot access your footage"? Maybe a "self-destruct" accessory that will destroy your phone if it is pulled from your hands. Probably not too hard to rig that up with a wrist lanyard, connected to some kind of flash pack. If the two are separated, it goes off. That would be pretty secure :D
*LMAO*

And which forum should I post asking for help to reattach my arm? ;-)

Fwiw, I actually stumbled across a thread = I think on MacRumors - that talks about an app from the ACLU that streams, or at least uploads, your video to ACLU servers so if your phone is confiscated, they have the phone, but not the photos/videos?! :cool:

(Not having a functional iPhone yet, I didn't read up on how it works, and if you have to "submit" things before they grab the phone, or if it is a real-time stream so you are always covered. But it's a helluva idea in the trying times!!)

Btw, I posted a new post in my thread about SIM cards that I could use some help with. Am thinking of pulling the trigegr tomorrow and breaking down and getting a mobile plan for my iPhone... :eek:
 
Last edited:

C DM

macrumors Sandy Bridge
Oct 17, 2011
48,546
17,191
Pardon my ignorance, but how can you take a picture if your phoe is locked?
Mentioned in an earlier reply:
Camera is accessible when the phone is locked. Depending on the phone model there's either a camera shortcut button on the lock screen that you can press or you can swipe right on the lock screen to access the camera quickly.

That aside you can usually have Touch ID or Face ID (depending on the device) enabled which makes unlocking something that can be done pretty quick.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.