[some_guy_there]

Thanks. So only recourse for highly resourced adversary will be to decode key via hardware imaging (not sure if any research has been done on this), and after that they will still have to bruteforce the passphrase used to secure the phone, the effectiveness of which depends on the entropy of passphrase.

I wonder what how Apple can help the law enforcement here.

[akiselev]

A lot of research has gone into information recovery from silicon inspection since it's tied closely to reverse engineering ICs. It's not the most trivial of pursuits but widely done.

There are some hardware HMACs (Atmel's in particular IIRC) where the process of opening the chip package destroys the area of silicon that encodes the private keys. I don't know if Apple used the same tech but if they did, any attempt to look at the private key storage would destroy it.

[cnvogel]

This kind of security is used in SIM-cards, access-cards for pay-TV, TPMs. Kind of standard with various variations.

Some criss/cross metal mesh as the topmost layer you would have to penetrate, or photodiodes that sense the light if you put a device under a microscope, ...

[EGreg]

Quantum cryptography would be fullproof. Any attempt to view the algorithm instead of using it would render it useless.

[cyphar]

That's not how quantum crypto works (it's based on observation of state, not the algorithm). Further, we've had cases of quantum crypto that just wasn't good enough to stop an observer from MITMing the internal state.

[squidbidness]

The usual expression is "fool proof", rather than "fullproof".