After the iPhone encryption war between Apple and the FBI, Apple changed into inspired to paintings closer to making an unhackable future iPhones by way of enforcing more potent security measures even the employer cannot hack.
Even at that factor the company hired one of the key builders of sign — one of the world’s maximum secure, encrypted messaging apps — its middle-security group to achieve this goal.
however, it looks like Apple has taken something of a backward step.
Apple deliberately weakens Backup Encryption For iOS 10
With the today’s replace of its iPhone running system, it appears the business enterprise would possibly have made a large blunder that immediately influences its customers’ safety and privacy.
Apple has downgraded the hashing algorithm for iOS 10 from “PBKDF2 SHA-1 with 10,000 iterations” to “simple SHA256 with a single iteration,” doubtlessly permitting attackers to brute-force the password through a preferred Desktop computer processor.
PBKDF2 stands for Password-based Key Derivation Function, is a key stretching set of rules which makes use of an SHA-1 hash with lots of password iterations, which makes password cracking pretty tough.
In iOS 9 and earlier variations returned to iOS 4, PBKDF2 characteristic generates the final crypto key using a pseudorandom characteristic (PRF) 10,000 instances (password iterations), which dramatically increases authentication manner time and makes a dictionary or brute-pressure attacks much less powerful.
Now Bruteforce 2,500 times Faster than earlier iOS Versions
Moscow-primarily based Russian company ElcomSoft, who determined this weak spot that is targeted around local password-protected iTunes backups, mentioned that Apple has betrayed its users via intentionally downgrading its 6 years antique effective encryption to SHA256 with simply one generation.
consequently, a hacker simplest requires to try a single password once and brute force to find a match and crack the account login, making the entire method substantially less time consuming.
We discovered an alternative password verification mechanism added to iOS 10 backups. We looked into it and found out that the new mechanism skips certain security checks, allowing us to try passwords approximately 2500 times faster compared to the old mechanism used in iOS 9 and older,” Oleg Afonin from Elcomsoft wrote in a blog post today.
Yes, it’s quite obvious. With iOS 10, and it’s possible for an attacker to brute force the password for a user’s local backup 2,500 faster than was possible on iOS 9, using a computer with an Intel Core i5 CPU (with 6 million passwords per second).
Despite, an evident constraint to this attack is that it can’t be executed remotely.
Since the weakness is specific to password-protected local backups on iOS 10, a hacker would require access to your device’s local backup, where the iPhone files are stored.
Elcomsoft is a well-known Russian forensics company that, like market leader Cellebrite, makes money by selling a kit that can hack into iPhones for the purpose of rooting around a target’s device.
The Elcomsoft’s kit was believed to have been used in The Fappening (or ‘Celebgate’) hack, where hackers exposed celebrities’ nude pictures in 2014 by hacking into the Apple iCloud and Gmail accounts of more than 300 victims.