Technology Review highlights the evolution of security that has occurred on the iPhone. The article notes how Apple has been able to gain acceptance among the government and enterprise by overcoming its initially loose stance on device security to roll out industry leading encryption options. These options help defeat essentially all attempts at accessing properly protected devices.
At the heart of Apple’s security architecture is the Advanced Encryption Standard algorithm (AES), a data-scrambling system published in 1998 and adopted as a U.S. government standard in 2001. After more than a decade of exhaustive analysis, AES is widely regarded as unbreakable. The algorithm is so strong that no computer imaginable for the foreseeable future—even a quantum computer—would be able to crack a truly random 256-bit AES key. The National Security Agency has approved AES-256 for storing top-secret data.
In a a recent white paper (PDF), Apple has highlighted this hardware security. Such hardware security involves the incorporation of a unique AES-256 key fused into each iOS device and which can not be directly read. In addition, access to the device’s software can be restricted via a PIN passcode. In fact, to break iOS passcodes, brutal force attacks are required and needing the device to be run at 80 milliseconds per.
Most of the information in the article is not, but the article does offer an overview of the layers of security Apple has built into its products.