According to a MIT Technology Review, which reports that the US Department of Justice struggles to perform examinations of iPhones and iPads seized from suspects because of the increasing use of encryption.
“I can tell you from the Department of Justice perspective if that drive is encrypted, you’re done,” Director of Department of Justice’s cyber-crime lab, Ovie Caroll said during his keynote address at the 2012 Digital Forensics Research Conference. “When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted you have lost any chance of recovering that data.”
MIT said that Apple’s security architecture makes it easy for consumers to use encryption, and difficult for someone else to steal the encrypted data. Apple uses AES-256 to encrypt data, the same algorithm uses by the US National Security Agency to encrypt Top Secret data.
It’s also difficult to crack the PIN code on iOS devices. Investigators have to try every possible PIN using a brute-force attack with special software to ensure that the iPhone doesn’t wipe itself when the wrong PIN is entered too many times. A six digit PIN could take up to 22 hours, says MIT, a nine-digit PIN would take two and a half years, and a 10-digit pin could take 25 years. “That’s good enough for most corporate secrets – and probably good enough for most criminals as well,” reads the report.
“There are a lot of issues when it comes to extracting data from iOS devices,” Amber Schroader, CEO of Paraben, a supplier of forensic software, hardware, and services for smartphones, told MIT. “We have had many civil cases we have not been able to process… because of encryption blocking us.”