In a lot of modern phones, and particularly iPhones, the encryption key is stored in the TPM. The TPM itself handles the encryption and decryption of data. If someone manages to get read access to the system memory, the most they’re getting is whatever cleartext data is stored in memory for cache or process memory.
Citing my Claims:
I’m not going to bore myself or anyone else with whitepapers and PDFs, but Apple themselves summarize how T2 (TPM) works with disk encryption on Mac devices. The iPhone has the same chip and an even stricter threat model. In M-series Apple devices, they rolled its functionality into the SoC.
Correct, though it still is saved somewhere. Just like how TPMs in Computers can be exploited as well, this also can be. What I meant in my original comment was that the emergency mode did not clear that hardware chip’s storage and do a full encryption of the storage, which others said otherwise.
Ah. Then yeah, emergency mode won’t suffice for protecting the full contents of the disk.
I can’t say Apple actually does this, but it is possible to protect important data by further encrypting user data with a separate encryption key derived from the passcode, and then clearing the key whenever the screen is locked.
In a lot of modern phones, and particularly iPhones, the encryption key is stored in the TPM. The TPM itself handles the encryption and decryption of data. If someone manages to get read access to the system memory, the most they’re getting is whatever cleartext data is stored in memory for cache or process memory.
Citing my Claims:
I’m not going to bore myself or anyone else with whitepapers and PDFs, but Apple themselves summarize how T2 (TPM) works with disk encryption on Mac devices. The iPhone has the same chip and an even stricter threat model. In M-series Apple devices, they rolled its functionality into the SoC.
deleted by creator
Correct, though it still is saved somewhere. Just like how TPMs in Computers can be exploited as well, this also can be. What I meant in my original comment was that the emergency mode did not clear that hardware chip’s storage and do a full encryption of the storage, which others said otherwise.
Ah. Then yeah, emergency mode won’t suffice for protecting the full contents of the disk.
I can’t say Apple actually does this, but it is possible to protect important data by further encrypting user data with a separate encryption key derived from the passcode, and then clearing the key whenever the screen is locked.