The scandal of NSA hacking tools and surveillance program. Who’s the hero protect world wide privacy? The the largest market research firm (MarketsandMarkets) forecasts the global BYOD market to grow from $71.93 billion in 2013 to $266.17 billion in 2019. You might have question? How to protect your personal data privacy? Even though law enforcement especially NSA couldn’t cracked under normal circumstance?
The trend of security technology
A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a key—a word, number, or phrase—to encrypt the plaintext. The same plaintext encrypts to different ciphertext with different keys. As times go by, the encryption algorithm becomes more complex. Many encryption algorithm (3DES, AES, AES 256) appears in the world.
Steal crypto Key
If the hacker engage a side-channel attack,he must through brute force or by exploiting a weakness in the underlying algorithm. Since the crypto key store on hard drive. The simple idea is that extract the key and certificate in the disk.
In order to avoid steal crypto keys and certificates, Apple establish defensive mechanism.
Apple secure key store in the chipset. The Apple processor contains an on-board, AES cryptograhic key called the Global ID (GID) that is believed to be shared across all the current ‘iDevices’. This GID key is used to un-wrap the keys that decrypt the corresponding boot firmware code stored in system non-volatile memory .
Chipset architecture shown as below:
Microsoft’s struggle for balance and control (windows OS includes windows phone)
If the encryption key is stored in the operating system itself rather than using a hardware. It’s possible for hacker extract the keys and certificates. BitLocker disk encryption requires a TPM. TPM stands for “Trusted Platform Module”. It’s a chip on your computer’s motherboard that helps enable tamper-resistant full-disk encryption.
BitLocker Drive Encryption is built into the Windows 10 operating system and uses … TPM v1.2 Chip
TPM version 1.2 Chip – A very generic description of the TPM is that it performs RSA encryption, decryption, and signing in the hardware.
Atmel AT97SC3204T Trusted Platform Module