Using a magic wand to break the iPhone's last security barrier, presented at TyphoonCon 2022

by Tihmstar,

Summary: In this talk, tihmstar presents his newest research on attacking the iPhone's hardware AES crypto core through an electromagnetic (EM) side channel in order to retrieve the hardware-fused GID and UID keys.
The GID key is used to decrypt firmware updates. Once it is extracted, past and future firmwares can be decrypted without using a physical device as a decryption oracle.
The UID key is used for user data encryption. Once it is extracted, the iPhone PIN code (which protects the data) can be brute-forced offline on a GPU cluster instead of on the device.
For example, an 8-digit numeric PIN can be broken in just 27 minutes using a single GPU, compared to the 92 days it would take to crack it on the device. This scales linearly with the number of GPUs used.