In late 2017, news surfaced about the GrayKey, a mysterious iPhone unlocking device. Very little was known about the device or about Grayshift, the company that developed it. Now, thanks to an anonymous source, we have information about what the GrayKey looks like and, more importantly, how it manages to unlock an iPhone.
Design-wise, it is a simple gray box. Two Lightning cables stick out of the front, which allows two iPhones to be connected to the device at the same time.
To unlock an iPhone, it is first connected to one of the Lightning cables and left there for around two minutes, after which it can be disconnected. Then it is a waiting game. How long the unlocking takes depends on the length of the passcode.
Generally, it takes around 2 hours to decipher a four-digit passcode. Six-digit passcodes can take as long as 3 days or even more. There was no mention of the time taken for longer passphrases. Once the passcode is deciphered, the phone displays a black screen showing the passcode along with some other information.
After the iPhone is unlocked, its entire contents are downloaded to the GrayKey device. The contents can then be accessed through a web-based interface on a connected computer and even downloaded onto that computer.
The GrayKey works on even the latest iPhone hardware and on iOS versions up to 11.2.5. It is available in two models, one priced at $15,000 and the other at $30,000. The cheaper one requires internet connectivity and is strictly geofenced, whereas the higher-priced variant requires no internet connection and uses a token-based authentication system for security purposes.
In the past, companies such as Cellebrite have also been known to provide iPhone unlocking to law enforcement agencies, but as a service. GrayKey, on the other hand, puts complete control of the unlocking process in the hands of law enforcement. This can be a security concern. Even if we consider law enforcement agents to be trustworthy, what about scenarios in which their computers get hacked or compromised?