On 31/03/16 09:53, Johan Wevers wrote: >> 2) Is it possible for the user to circumvent the potential problem of the >> device maker cooperating with his adversary to by-pass this protection, >> simply by using a pass-phrase of an appropriate length? Yes/no? > > Yes.
Can this be concluded from documentation supplied by Apple? Has it been independently verified? Your "Yes." strikes me as a pretty strong statement. I feel much more in line with this statement: On 31/03/16 04:31, Chris DeYoung wrote: > I imagine that the potential problem can be circumvented, yes, but not simply > by using a longer passphrase. I don't know whether it even allows that > option, but it really doesn't matter since you don't know what it does with > that passphrase internally anyway. Since you don't know, you can't trust it. And given that most people will use a PIN with abysmally low entropy, I doubt that the device even uses the PIN for entropy. They would implement this functionality just for those few people who unlock their phones with a proper passphrase? It's possible, but it would be nice if you supported your claim with documentation. Of course, it is pretty good snake oil to state in your documentation that the unlock PIN is used to encrypt the data. It sounds really good, unless you know about entropy, and that an attacker would probably need mere seconds to crack it (offline attack). 10 bits of entropy, seriously.... (PIN consisting of 4 decimal numbers taken as example, I don't know what Apple uses) My 2 cents, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
