On 11/28/2011 05:58 PM, Marsh Ray wrote:
I heard it stated somewhere that an Apple product was using PBKDF2 with a work factor of 1. Does that count?
Follow-up. It was Blackberry, not Apple: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3741
Vulnerability Summary for CVE-2010-3741 Original release date:10/05/2010 Last revised:07/19/2011 Source: US-CERT/NIST Overview The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack. Vulnerability Summary for CVE-2010-3741 Original release date:10/05/2010 Last revised:07/19/2011 Source: US-CERT/NIST Overview The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack.
http://www.infoworld.com/t/mobile-device-management/you-can-no-longer-rely-encryption-protect-blackberry-436
> [Elcomsoft]
In short, standard key-derivation function, PBKDF2, is used in a very strange way, to say the least. Where Apple has used 2,000 iterations in iOS 3.x, and 10,000 iterations in iOS 4.x, BlackBerry uses only one.
Via http://en.wikipedia.org/wiki/PBKDF2#BlackBerry_vulnerability . - Marsh _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography