The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Talk:GID Key"
m (moved from NCK page (correct here?)) |
(→Keys: new section) |
||
Line 35: | Line 35: | ||
== side-channel attack == |
== side-channel attack == |
||
Some super-smart guy should try that http://m.technologyreview.com/communications/39855/ --[[User:M2m|M2m]] 09:53, 12 March 2012 (MDT) |
Some super-smart guy should try that http://m.technologyreview.com/communications/39855/ --[[User:M2m|M2m]] 09:53, 12 March 2012 (MDT) |
||
+ | |||
+ | == Keys == |
||
+ | |||
+ | I think we should list the keys for all processors here. Anyone agree? --[[User:5urd|5urd]] 16:29, 17 June 2012 (MDT) |
Revision as of 22:29, 17 June 2012
Contents
drg
Would this be vulnerable to a cold boot attack?
geohot
I really doubt the AES key is ever in memory. This is an attack against drive encryption, not hardware coprocessors. Fault analysis or timing would be our best bet.
Vaumnou
Unless you can cause read faults by browning out the chip or the ROM is external, you can't use fault analysis. And if the ROM is external, it would probably be easier to unsolder it and read it directly.
pumpkin
it isn't external
Vaumnou
Then the only way to do fault analysis would be to poke around on the chip directly. Is it known whether the die is face-down or face-up on the PCB?
ta
this sounds like a job for leet hacking super hero TA Mobile!
geohot
Hopefully the amount of time varies from encrypt to encrypt, although I believe most AES engines are fixed in time.
Browning out the chip is more what I was thinking. Probing the chip is far beyond my abilities, but I could brown the chip out for a clock cycle or two and determine where in the pipeline I am. I would need to know a lot more about the coprocessor design. It is standard? HDL model out there?
Vaumnou
According to Wikipedia, the known timing attacks for AES are *cache* timing attacks. This won't work if the hardware crypto engine has one-cycle read access to its ROM, and I know of no reason why it wouldn't.
side-channel attack
Some super-smart guy should try that http://m.technologyreview.com/communications/39855/ --M2m 09:53, 12 March 2012 (MDT)
Keys
I think we should list the keys for all processors here. Anyone agree? --5urd 16:29, 17 June 2012 (MDT)