-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 21/02/13 18:32, Brian Conley wrote: > Any idea why the researchers would posit that iOS devices may be > less susceptible?
iOS has several classes of encrypted storage. For the NSFileProtectionComplete class, the class key that protects the individual file keys is erased from memory 10 seconds after the device is locked. So I guess files encrypted with that class would be unrecoverable via a cold boot attack if the device had been locked for 10 seconds. http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf Android uses a single key to protect all encrypted storage (excluding apps that use their own encryption, eg SQLCipher), so that key must be kept in memory whenever the device is running. http://source.android.com/tech/encryption/android_crypto_implementation.html Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJRJm4YAAoJEBEET9GfxSfMwi8H/37g4caSmxPQ1DKLkHALqS/u IIUD1iCrxjAhglRgqMHLUZb/XX12lM+iQ8IqqMWNHQkrw9p04Amd/f+dR+MkAbsf ndf0grkiIllTuPEm4kcLY9DNcAfH5VavFpoRoEMCKtEAPOtWHAPt93RTkjx6oLAJ Y8vPHiG4Bndr2GckjpSkdpkIW4dt2uCMfZOd+ALtKnMpSmJpr2I7A8x+iexwIJXP SLm77PP1rQrOCykvZN+dfuDWH8lYytX37fbabxy5S0VNZtfvPIT4QJIxWW62e1nm 6uE/zTIJlY5WZj6GSxYLsPpcn41Vj3Pfzk7TDT/iPoWSBabRpfLhzuqPK/L2/oo= =zB77 -----END PGP SIGNATURE----- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
