Encrypted file systems
In addition to the acquisition hurdles, the file system on the iPhone is encrypted. Since the release of the iPhone 3GS, the hardware and firmware encryption are built into iOS devices. Every iOS device has a dedicated AES 256-bit crypto engine (the AES cryptographic accelerator) with two hardcoded keys: UID (Unique ID) and GID (Group ID) (as stated by Zdziarski). The CPU on the device cannot read the hardcoded keys but can use them for encryption and decryption through the AES accelerator. The UID key is unique for each device and is used to create device-specific keys (the 0x835 key and the 0x89B key) that are later used for file system encryption. The UID allows data to be cryptographically tied to a particular device; so, even if the flash chip is moved from one device to other, the files are not readable and remain encrypted. The GID key is shared by all devices with the same application processor (for example, all devices that use the A7 chip) and is used to...
