Jeffrey Walton writes:

> What is the state of the art for mobile password cracking on iOS and Android?

I'm not sure if you're thinking primarily of the operating-system level passwords or third-party crypto apps. Dmitry Sklyarov (the same Dmitry Sklyarov) gave an interesting talk at BlackHat Europe a few weeks ago where he described having cracked the majority of PIN-oriented mobile crypto apps he examined -- a total of around 20 apps.

https://media.blackhat.com/bh-eu-12/Belenko/bh-eu-12-Belenko-Password_Encryption-WP.pdf
https://media.blackhat.com/bh-eu-12/Belenko/bh-eu-12-Belenko-Password_Encryption-Slides.pdf

One common problem was incorrect use of crypto so that a candidate PIN could be verified at very low computational cost. (Sometimes, there was a somewhat expensive decryption step but an independent cheap, fast MAC.)

Another problem was that PINs are so low entropy ("most mobile devices today do not have physical keyboard, making it harder for users to utilize motor learning to remember complex passwords [so] on average, the complexity of a password that has to be entered routinely on a mobile device will be lower").

A third problem, if I understood correctly, was that even if key derivation like PBKDF2 is used correctly, mobile devices are so much slower than the systems used for brute force attacks that the attacker can still plausibly do an exhaustive search even with the delays introduced by key derivation. Crypto app developers, unwilling to make the users wait a long time to access their data, may use a relatively low key derivation work factor. The highest PBKDF2 work factor of any app Sklyarov and Belenko examined was 4000. Sklyarov and Belenko still estimated that passwords for this application could be verified on a GPU at about 160,000 passwords per second, from which they concluded that a 10-digit numeric PIN could be recovered on a single GPU in one day. And that was the _best_ mobile crypto app they examined.

However, they concluded that built-in crypto protections in mobile operating systems may be stronger for various reasons, and maybe that's more of what you were interested in.

-- 
Seth Schoen <[email protected]>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
454 Shotwell Street, San Francisco, CA 94110    +1 415 436 9333 x107

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
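The following Python is an added illustration, not code from Seth Schoen's message or from the Sklyarov/Belenko paper. It models the two design points made above: a PIN verifier that is independent of the KDF (so a candidate costs one cheap hash) beside the hardened layout where the only verifier is an HMAC under the PBKDF2-derived key, and the cost arithmetic behind "4000 iterations, 160,000 guesses per second, 10-digit PIN in a day". The record layout, function names, the toy counter-mode keystream, and the assumption that guess rate scales inversely with iteration count are all mine; the numeric figures are the ones quoted in the post.

```python
import hashlib
import hmac
import os
from typing import Optional

# Figures quoted in the post: the highest PBKDF2 work factor seen in the
# surveyed apps was 4000, and candidates were still tested at ~160,000/s
# on a single GPU.
SURVEYED_ITERATIONS = 4000
SURVEYED_GUESSES_PER_SECOND = 160_000

KDF_CALLS = [0]  # counts PBKDF2 invocations so the per-guess cost gap is visible


def derive_key(pin: str, salt: bytes, iterations: int = SURVEYED_ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA256: the step that is supposed to dominate per-guess cost."""
    KDF_CALLS[0] += 1
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations, dklen=32)


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode keystream (hypothetical, illustration only; a real app
    would use an AEAD). XOR is symmetric, so this both encrypts and decrypts."""
    out = bytearray()
    for block, offset in enumerate(range(0, len(data), 32)):
        ks = hashlib.sha256(key + block.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], ks))
    return bytes(out)


def seal_weak(pin: str, plaintext: bytes) -> dict:
    """Flawed layout: ciphertext is under the PBKDF2 key, but the stored
    checksum is computed WITHOUT the KDF, so it is a cheap candidate oracle."""
    salt = os.urandom(16)
    key = derive_key(pin, salt)
    return {
        "salt": salt,
        "ct": _keystream_xor(key, plaintext),
        "check": hashlib.sha256(pin.encode()).digest(),  # the independent fast check
    }


def verify_weak(record: dict, candidate: str) -> bool:
    """One SHA-256 per candidate; PBKDF2 is never touched."""
    return hmac.compare_digest(record["check"], hashlib.sha256(candidate.encode()).digest())


def seal_strong(pin: str, plaintext: bytes) -> dict:
    """Hardened layout (encrypt-then-MAC): the only verifier is an HMAC keyed
    by the derived key, so every candidate test pays the full work factor."""
    salt = os.urandom(16)
    key = derive_key(pin, salt)
    ct = _keystream_xor(key, plaintext)
    tag = hmac.new(key, ct, "sha256").digest()
    return {"salt": salt, "ct": ct, "tag": tag}


def verify_strong(record: dict, candidate: str) -> bool:
    """Costs one PBKDF2 run per candidate, by construction."""
    key = derive_key(candidate, record["salt"])
    return hmac.compare_digest(record["tag"], hmac.new(key, record["ct"], "sha256").digest())


def open_strong(record: dict, pin: str) -> Optional[bytes]:
    """Decrypt only after the tag verifies; wrong PIN yields None, not garbage."""
    if not verify_strong(record, pin):
        return None
    key = derive_key(pin, record["salt"])
    return _keystream_xor(key, record["ct"])


def seconds_to_exhaust(pin_digits: int, guesses_per_second: float) -> float:
    """Worst-case time to try every numeric PIN of the given length."""
    return 10 ** pin_digits / guesses_per_second


def iterations_for_target(current_iterations: int, current_seconds: float,
                          target_seconds: float) -> int:
    """Work factor needed to stretch an exhaustive search to target_seconds.
    Assumes (my assumption, not a figure from the post) that the guess rate
    falls linearly as the iteration count rises."""
    return round(current_iterations * target_seconds / current_seconds)


if __name__ == "__main__":
    day = seconds_to_exhaust(10, SURVEYED_GUESSES_PER_SECOND)
    print(f"10-digit PIN at {SURVEYED_GUESSES_PER_SECOND}/s: {day / 3600:.1f} hours")
    print("iterations for a 10-year search:",
          iterations_for_target(SURVEYED_ITERATIONS, day, 10 * 365.25 * 86400))
```

The point of the counter is that `verify_weak` leaves `KDF_CALLS` untouched no matter how many candidates are tried, while `verify_strong` charges one PBKDF2 run each; the second model then shows that even tying the check to the KDF only buys time proportional to the work factor a phone can afford, which is the post's third point.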
