iOS 10 Local Backups Allow Brute-Force Attacks at 6,000,000 Passwords Per Second
Apple admitted recently to an issue affecting the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC and said a fix would be included in an upcoming update.
Released mid-September, iOS 10 addressed a total of seven vulnerabilities, the most severe of which could be exploited by a man-in-the-middle (MitM) attacker to prevent a device from receiving updates. Because iOS 10 rendered some devices useless, Apple was quick to release iOS 10.0.1, which also included a new fix for one of the “Trident” security flaws patched last month.
The weakness in iOS 10 local backups was discovered by ElcomSoft, a company that specializes in password recovery tools. According to the company, the bug introduced by Apple in iOS 10 makes local backups significantly more susceptible to brute-force attacks than those produced by previous operating system versions.
According to ElcomSoft, they were able to recover passwords from iOS 10 backups at speeds several thousand times faster when compared to recovering from password-protected iOS 9 backups. The changes that Apple introduced in iOS 10 for offline (iTunes) backups appear to be the root cause of the problem.
ElcomSoft’s Oleg Afonin explains in a blog post that an alternative password verification mechanism was added to iOS 10 backups, but that it skips certain security checks, allowing a brute-force attacker to try passwords 2,500 times faster than the old mechanism allows. The attack, he says, was executed against a local backup on a machine powered by an Intel i5 processor.
ElcomSoft hasn’t provided specific details on the security vulnerability, but revealed that it has added an exploit for it to its Elcomsoft Phone Breaker 6.10. On the same machine, the company reveals, the tool could try only 2,400 passwords per second for iOS 9 backups, but iOS 10 allows for a total of 6,000,000 passwords per second to be attempted.
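To put the two reported rates in perspective for anyone choosing a backup password, the following added example (not from ElcomSoft or Apple) computes the worst-case time to exhaust a password space at each rate and how many extra random characters offset the speedup. The password policies are constructed samples, and the model assumes uniformly random passwords and exhaustive search.

```python
# Rates reported in the article for the same Intel i5 machine (CPU only).
RATE_IOS9 = 2_400          # passwords per second against an iOS 9 backup
RATE_IOS10 = 6_000_000     # passwords per second against an iOS 10 backup

# Constructed sample policies: name -> (alphabet size, password length).
POLICIES = {
    "6 digits": (10, 6),
    "8 lowercase letters": (26, 8),
    "8 alphanumeric": (62, 8),
    "10 printable ASCII": (95, 10),
}

def exhaust_seconds(alphabet, length, rate):
    """Worst-case seconds to try every password of exactly `length` symbols."""
    return alphabet ** length / rate

def extra_length_needed(alphabet, slow=RATE_IOS9, fast=RATE_IOS10):
    """Smallest number of extra random symbols that makes exhaustive search
    at the `fast` rate take at least as long as it did at the `slow` rate."""
    extra = 0
    while alphabet ** extra * slow < fast:   # integer math, no float rounding
        extra += 1
    return extra

def human(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", 31_557_600), ("days", 86_400),
             ("hours", 3_600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"

def report():
    """One row per policy: (name, time at iOS 9 rate, time at iOS 10 rate,
    extra symbols needed to regain the iOS 9 resistance)."""
    return [
        (name,
         human(exhaust_seconds(alphabet, length, RATE_IOS9)),
         human(exhaust_seconds(alphabet, length, RATE_IOS10)),
         extra_length_needed(alphabet))
        for name, (alphabet, length) in POLICIES.items()
    ]

if __name__ == "__main__":
    for name, old, new, extra in report():
        print(f"{name:22} iOS 9: {old:>28}  iOS 10: {new:>24}  +{extra} chars")
```

Human-chosen passwords are far less uniform than this model assumes, so the figures are upper bounds on the time an attacker would need.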
Only the password-protected local backups produced by iOS 10 devices allow an attacker to leverage this new vector. The old protection mechanism, Afonin notes, continues to be available for iOS 10 backups and delivers the same level of protection as it did for previous platform versions.
“All versions of iOS prior to iOS 10 used to use extremely robust protection. Chances of recovering a long, complex password were slim, and even then a high-end GPU would be needed to accelerate the recovery. As a result of our discovery, we can now break iOS 10 backup passwords much faster even without GPU acceleration,” Vladimir Katalov, ElcomSoft CEO, says.
Apple has already confirmed that the issue exists, and even told Forbes that it was considering a patch in an upcoming security update. The company revealed that the issue indeed affects the encryption strength for iOS 10 backups performed using iTunes on the Mac or PC, but underlined that iCloud backups are not affected by it.
The good news, of course, is that the attack can be performed only if the attacker can access or create a local iOS 10 backup to work with. Because the backup contains all of the content on the iOS device, including contacts, calls, messages, media files, and even passwords, a successful attack would result in full device compromise and even the compromise of other user accounts.
After security researchers discovered a series of zero-day iOS vulnerabilities leveraged in targeted attacks against human rights activists, journalists, and other persons of interest, Apple in early September released updates for Mac OS X and Safari too to address the same issues.