iPhone 4 Unlock With Brute Force Cracking Of 40 Bit NCK Code?

Some uplifting news for all those iPhone unlockers who felt completely let down by recent tweets from MuscleNerd suggesting there could be no unlock from the Dev Team in the coming days. A new possible route to unlocking the iPhone 4 has emerged: the NCK unlock code has been discovered to be only 40 bits (5 digits), which makes it theoretically possible to crack with a brute-force attack.

For all those who may be wondering what this new NCK method is all about, here is an FAQ put up by Vincent of the iPhone Wiki team.

What is this NCK-key cracking? How does it work?

The NCK-key is the key generated by Apple if you’d officially unlock your iPhone, and with officially I mean, via your carrier. This “NCK-unlock” method has been known for a few years now, actually since geohot started working on unlocking the iPhone 2G. He developed a program that could “crack” this 15-digit key, which is unique for every device. Geohot’s NCKBF program could do around 100,000 keys/second which would produce a hit in many years, or complete a search in 317 years.

To get to a point where this is actually doable we would need many orders of magnitude of improvement. Even if you use a PS3 (would we still want to use this??) or special hardware (within 1,000 US$ range) you will only get an improvement of 20-100 times, which doesn’t help much.

Now, luckily, with the exploits they have now, they can’t unlock your baseband, but they *can* capture more information from the baseband to speed up this cracking process. Since the NORID and CHIPID (unique for every device) are known, you’d apparently only have to check 40 more bits (5 digits). A 40-bit key is theoretically crackable on “home hardware” within a week (24/7).

The downside of this approach is that you’ll have to keep your computer turned on, and your iPhone has to be connected. And that is the reason why they never tried it before. Please note that this method is completely theoretical and has NOT been tried at all till this moment.

MuscleNerd’s tweets definitely put some smiles back on iPhone unlockers’ faces:

If this 40-bit thing is true, it’s (very much so!) the silver lining to all the blame-game stuff of last day’s tweets

@msalahmail 40b is far less than we expected. Given NOR and SGOLD chip ID (obtainable via hacks), 40 bits is trivial BF

@toromand 40 bits brute force is trivial if you can get your NOR and SGOLD chip IDs via current vulnerabilities

(if turns out to be true, it’s unexpected surprise for those w/vuln BB’s. All the data is there for 40-bit brute force)

To those patiently ignoring all the chatter from “promises” we never made comes a jewel: NCK unlock code is just 40 bits!

Stay tuned as we bring in more updates on the progress of the NCK unlock in the coming days!
