Quick post today. I read in this article that Apple’s new iPhone 6 includes an encryption algorithm with a user-specified key, to defeat attempts by governments to read private consumer traffic. Clearly pointed at NSA, this feature seems intended to reassure consumers that they can trust the iPhone platform with their most sensitive thoughts and secrets. Predictably, the government has reacted negatively to this feature, implying that it will mean the end of civilization, yadda yadda yadda. Google, of course, noted that they’ve offered such technology for years, although the consumer had to opt-in to turn it on.
Irrespective of whether you agree with the government or with the technology companies on this, I am skeptical of Apple’s claim that this will actually do anything but slightly inconvenience an actor like NSA. Based on my understanding of the encryption technology in the new iOS 8, the algorithm requires the consumer to enter a 6-digit lower-cased alphanumeric string as the encryption key. With some simple math, it’s easy to see that this is a 6-digit base-36 number, with a value space of 36^6 values, or exactly 2,176,782,336 possible values.
I’ve read that Apple claims this will require “more than 5 1/2 years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers”. A key with only two billion values takes over five years for someone to crack?
Let’s assume that the cracker has to resort to a truly brute-force attack on the key. Let’s assume they wanted to crack the key in one hour. Let’s assume that a single thread can evaluate only ten keys against a message per second (a conservative assumption). How many threads would they need?
Well, an hour has 3,600 seconds, so a given thread can crack 36,000 key values per hour. So to evaluate 2,176,782,336 keys in one hour, you would need 60,467 threads for a complete brute-force attack. Sounds like a lot of threads, right? Well, if we assume one thread per CPU, and we assume the cracker has hyper-threaded quad-core CPUs in their compute cluster, that means they can have eight hardware threads per computer, requiring only 7,559 computers to do the job. In an hour.
And that’s the worst-case brute-force attack, where the very last possible key attempted is the one that decrypts the message. If a Gaussian distribution is at play, the odds say that it will take about half as long, or equivalently require only half as many CPUs to accomplish the goal in the same amount of time. That means 3,780 quad-core computers. And we’re assuming that the consumer did not do the likely bone-headed move and use their birthday, SSN, child’s name, or simply “123456” as their encryption key.
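The same arithmetic as an added example (not part of the original post), generalized to other passcode policies so the effect of alphabet size and length is visible. The policy list is constructed, the function names are hypothetical, and the average case assumes a uniformly random passcode.

```python
import math

def keyspace(alphabet: int, length: int) -> int:
    """Number of distinct passcodes of `length` symbols over `alphabet` symbols."""
    return alphabet ** length

def ceil_div(a: int, b: int) -> int:
    """Integer ceiling division, avoiding float rounding on large keyspaces."""
    return -(-a // b)

def estimate(alphabet, length, guesses_per_sec=10, window_sec=3600,
             threads_per_machine=8, average_case=False):
    """Threads and machines needed to cover the keyspace within window_sec.

    Defaults are the post's assumptions: 10 guesses/s per thread, one hour,
    8 hardware threads per machine. average_case halves the work, which
    assumes the passcode is uniformly random (assumption of this example).
    """
    keys = keyspace(alphabet, length)
    work = ceil_div(keys, 2) if average_case else keys
    threads = ceil_div(work, guesses_per_sec * window_sec)
    return {
        "keys": keys,
        "bits": length * math.log2(alphabet),  # equivalent key length in bits
        "threads": threads,
        "machines": ceil_div(threads, threads_per_machine),
    }

def implied_seconds_per_guess(alphabet, length, years):
    """Per-guess time implied by a quoted serial exhaustive-search duration."""
    return years * 365.25 * 86400 / keyspace(alphabet, length)

# Constructed sample policies: (label, alphabet size, length)
POLICIES = [("4-digit PIN", 10, 4), ("6-digit PIN", 10, 6),
            ("6-char lowercase+digits", 36, 6),
            ("8-char mixed case+digits", 62, 8)]

if __name__ == "__main__":
    for label, a, n in POLICIES:
        e = estimate(a, n)
        print(f"{label:26} {e['keys']:>22,} keys {e['bits']:5.1f} bits "
              f"{e['machines']:>14,} machines for 1 hour")
    ms = implied_seconds_per_guess(36, 6, 5.5) * 1000
    print(f"5.5 years over 36^6 keys = {ms:.0f} ms per guess")
```

For the 36^6 case this reproduces the 60,467 threads and 7,559 machines above, and it shows that the quoted 5 1/2 years works out to about 80 ms per guess when a single guesser works through the keyspace serially.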
Do you really think NSA does not have that kind of compute capacity at their instant disposal? Please. With a big enough credit card, I could go stand up that many compute instances in AWS, even as I write this. It might take me a few days to get them all online, but if little old me can do it, do you really think NSA isn’t already prepared to do exactly that at any given moment?
Based on this, I think this is merely an Apple PR move, and the government’s protests about this are merely a wink-wink-nudge-nudge protest that the sky is falling. Nothing has changed here, folks. If Apple were serious about your privacy, they’d use 1024-bit encryption. As it stands, they’re using slightly better than 32-bit encryption. Apple must know this, too. I’ll let you decide whether or not this means Apple is working with NSA to provide a crackable illusion of privacy.