Jeffrey Walton writes:

> What is the state of the art for mobile password cracking on iOS and Android?

I'm not sure if you're thinking primarily of the operating-system level
passwords or third-party crypto apps.

Dmitry Sklyarov (the same Dmitry Sklyarov) gave an interesting talk at
BlackHat Europe a few weeks ago where he described having cracked the
majority of PIN-oriented mobile crypto apps he examined -- a total of
around 20 apps.

https://media.blackhat.com/bh-eu-12/Belenko/bh-eu-12-Belenko-Password_Encryption-WP.pdf
https://media.blackhat.com/bh-eu-12/Belenko/bh-eu-12-Belenko-Password_Encryption-Slides.pdf

One common problem was incorrect use of crypto so that a candidate
PIN could be verified at very low computational cost.  (Sometimes,
there was a somewhat expensive decryption step but an independent
cheap, fast MAC.)  Another problem was that PINs are so low entropy
("most mobile devices today do not have physical keyboard, making it
harder for users to utilize motor learning to remember complex
passwords [so] on average, the complexity of a password that has to
be entered routinely on a mobile device will be lower").

A third problem, if I understood correctly, was that even if key
derivation like PBKDF2 is used correctly, mobile devices are so
much slower than the systems used for brute force attacks that the
attacker can still plausibly do an exhaustive search even with the
delays introduced by key derivation.  Crypto app developers,
unwilling to make the users wait a long time to access their data,
may use a relatively low key derivation work factor.

The highest PBKDF2 work factor of any app Sklyarov and Belenko
examined was 4000.  Sklyarov and Belenko still estimated that
passwords for this application could be verified on a GPU at about
160,000 passwords per second, from which they concluded that a
10-digit numeric PIN could be recovered on a single GPU in one
day.  And that was the _best_ mobile crypto app they examined.

However, they concluded that built-in crypto protections in mobile
operating systems may be stronger for various reasons, and maybe
that's more of what you were interested in.

-- 
Seth Schoen  <[email protected]>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
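To make the trade-off in the message concrete, here is an added back-of-envelope model (not code from the talk or the mail) that takes the quoted figures, 4000 PBKDF2 iterations and about 160,000 guesses per second on one GPU, and scales them to other PIN lengths and iteration counts. It assumes PBKDF2 cost is linear in the iteration count, and the device throughput used for the unlock delay is a constructed placeholder.

```python
"""Offline PIN-search cost model for the figures quoted in the mail."""
import math

SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365 * SECONDS_PER_DAY

# Figures quoted in the mail: the best app used 4000 iterations and was
# still checked at ~160,000 candidate PINs per second on a single GPU.
MEASURED_ITERATIONS = 4_000
MEASURED_GUESSES_PER_SECOND = 160_000.0


def pin_space(digits: int) -> int:
    """Number of candidate PINs for an all-numeric PIN of this length."""
    return 10 ** digits


def guesses_per_second(iterations: int) -> float:
    """Scale the measured GPU rate to another iteration count.

    Assumes PBKDF2 cost grows linearly with iterations. If the app
    verifies a PIN through a cheap check that bypasses the KDF (the
    "independent fast MAC" mistake), the iteration count drops out of
    the estimate entirely and the attacker runs at the MAC's speed.
    """
    return MEASURED_GUESSES_PER_SECOND * MEASURED_ITERATIONS / iterations


def exhaustive_search_seconds(digits: int, iterations: int) -> float:
    """Worst-case time to try every PIN of this length on one GPU."""
    return pin_space(digits) / guesses_per_second(iterations)


def iterations_for_target(digits: int, target_seconds: float) -> int:
    """Smallest iteration count that makes a full search take target_seconds."""
    needed_rate = pin_space(digits) / target_seconds
    return math.ceil(MEASURED_ITERATIONS * MEASURED_GUESSES_PER_SECOND / needed_rate)


def unlock_delay_seconds(iterations: int, device_iterations_per_second: float) -> float:
    """What the legitimate user waits at each unlock on a device of that speed."""
    return iterations / device_iterations_per_second


if __name__ == "__main__":
    hours = exhaustive_search_seconds(10, MEASURED_ITERATIONS) / 3600
    print(f"10-digit PIN, 4000 iterations: full search in {hours:.1f} h on one GPU")
    needed = iterations_for_target(10, SECONDS_PER_YEAR)
    print(f"iterations needed for a one-year search: {needed}")
    # Constructed device speed, not a measured value: 100k iterations/s.
    print(f"unlock delay at that setting: {unlock_delay_seconds(needed, 100_000.0):.1f} s")
```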