How the iPhone's security measures work

An FBI request that Apple develop software to bypass the security barriers of the iPhone 5C belonging to San Bernardino shooter Syed Rizwan Farook has highlighted Apple’s encryption methods — technology that uses 256—bit encryption to keep data private. How it works:

Read more: While the FBI battles Apple over encryption, pushback from the tech industry persists

What is 256-bit encryption?

Like all computers, your iPhone stores data as 0’s and 1’s. It uses an encryption key — a unique number that is 256 bits long to encrypt all the data on the phone. How long is 256 bits? A bit stores a 0 or 1. One bit has two patterns and two bits have four distinct patterns. The more bits there are, the more possible combinations of 0’s and 1’s.

256-bit encryption and the iPhone passcode: How secure is it?

256 bits can provide trillions of patterns — virtually impossible to guess, even for a computer.

When an iPhone leaves the factory, Apple doesn’t keep a copy of its key. Without the key, no one, not even Apple, can unscramble the data.

If the user sets up a passcode, the passcode allows the encryption key to unscramble the user’s data making it readable.

Why does the FBI need Apple’s help?

The FBI has asked Apple to create software that will allow it to bypass two iPhone features designed to maintain the security of its data. First, if a passcode is entered wrong several times, your iPhone will stop accepting additional inputs for a period of time.

Second, a user can enable his or her phone to permanently delete the information needed to unscramble its data if the wrong code is punched in too many times. These two security measures have made it difficult for the FBI to use “brute force” — automatically inputting each possible combination of numbers until the correct passcode is found — to unlock Farook’s iPhone.

Brute force

If the FBI succeeds in getting Apple to help defeat the iPhone’s security measures, it will use a program to throw every possible number combination at the phone — also called a “brute force” attack.

Sources: Apple, Stanford University

raoul.ranoa@latimes.com

Follow me for the latest infographics from the latimes. @latimesgraphics @ranoa