The first commercially available set of tools for cracking the encryption and passwords on iOS devices has been made available by Russian security company ElcomSoft. One part of their software is a password breaker, while another part, available only to law enforcement and forensic agencies, is able to extract numbers used to create the encryption keys for iOS data to render decrypted images of the device.
The decryption tool requires access to the device in question, but once it's in hand, a few different kinds of keys need can be scraped from it, including the unique device key (UID) and escrow keys calculated using the UID and escrow pairing records. If the device is only protected by a 4-digit passcode, the program then only needs to brute-force its way through that to get access to all of the decryptable information.
iOS was never much of a security fortress (as we've noted numerous times) and even this new tool uses a variation of a previously discovered method. Charlie Miller, of Pwn2Own fame and a principal research consultant with Accuvant, even pointed out to Ars that the Fraunhofer Institute for Secure Information Technology detailed a very similar method in a research paper they put out in February. However, their tools are not for sale.
If your phone or tablet regularly comes under scrutiny of the law, Miller adds that this commercially available toolset is fairly simple to route by using a long, complex password rather than a 4-digit code to protect your data. The ElcomSoft method comes with a password breaker, but much of its efficiency is derived from defining limits on the possible guesses, such as variations on a certain word.
While "beating it out of you" will remain the superior method of password obtainment for the average law enforcer, the password breaker could still come in handy for when you can't remember which characters in your leetspeak password were numbers, and which were letters.
Comments