Visible to the public Evaluating Side Channel Resilience in iPhone 5c Unlock Scenarios

TitleEvaluating Side Channel Resilience in iPhone 5c Unlock Scenarios
Publication TypeConference Paper
Year of Publication2019
AuthorsLorenzo, Fernando, McDonald, J. Todd, Andel, Todd R., Glisson, William B., Russ, Samuel
Conference Name2019 SoutheastCon
Keywordsapplication deployment, compositionality, cryptography, electromagnetic fault-injection, EM fault-injection, EM-based iOS studies, Encryption, fault injection, Fingerprint recognition, Hardware, Human Behavior, human factors, intrusion scenarios, iOS Security, iPhone, iPhone 5c model, iPhone 5c processor, iPhone 5c unlock scenarios, law enforcement, locked iOS devices, locked iPhone 5c, malicious insiders, Metrics, Operating systems, operating systems (computers), pubcrawl, resilience, Resiliency, secure operating systems, side channel resilience, side channel vulnerabilities, side channel-based approach, smart phones
AbstractiOS is one of the most secure operating systems based on policies created and enforced by Apple. Though not impervious or free from vulnerabilities, iOS has remained resilient to many attacks partially based on lower market share of devices, but primarily because of tight controls placed on iOS development and application deployment. Locked iOS devices pose a specific hard problem for both law enforcement and corporate IT dealing with malicious insiders or intrusion scenarios. The need to recover forensic data from locked iOS devices has been of public interest for some time. In this paper, we describe a case study analysis of the iPhone 5c model and our attempts to use electromagnetic (EM) fault-injection as a side channel means to unlock the device. Based on our study, we report on our unsuccessful attempts in unlocking a locked iPhone 5c using this side channel-based approach. As a contribution, we provide initial analysis of the iPhone 5c processor's spectral mapping under different states, a brief survey of published techniques related to iPhone unlock scenarios, and a set of lessons learned and recommended best practices for other researchers who are interested in future EM-based iOS studies.
Citation Keylorenzo_evaluating_2019