On list

---------- Forwarded message ----------
From: "shawn wilson" <ag4ve...@gmail.com>
Date: Mar 2, 2014 11:37 AM
Subject: Re: [cryptography] Commercialized Attack Hardware on SmartPhones
To: "Tom Ritter" <t...@ritter.vg>
Cc:

How about a dictionary and rules. Even if you choose an alphanumeric "strong" pass, you're kinda limited to the phone's keyboard - you're not going to want to switch case or between letters and special too often. Also, IIRC Android limits length to 15 chars. I also don't think the screen lock can be different than the boot pass (so everything I said above should hold true).

Basically what I'm saying is use hashcat.

On Mar 2, 2014 10:34 AM, "Tom Ritter" <t...@ritter.vg> wrote:
> Hey all, wondering if anyone knows of any commercialized hardware
> (e.g. developed into a product, not just a research paper) that
> conducts attacks on powered-on, Full Disk Encrypted Android/iPhone
> phones that _isn't_ PIN guessing?
>
> So a powered-off FDE-ed iPhone or Android can be attacked by brute
> force with no limiting factor. A good example of this type of
> software is Elcomsoft [0] - they brute force the passphrase.
>
> A powered-on FDE-ed iPhone or Android can also be attacked by manual
> or automated PIN entry - on the iPhone this can introduce a lockout,
> but not on Android. Assuming they can't see your smudges and guess
> the PIN/Swipe/password of course. I'm not sure if I know of a
> commercialized solution to this that does it electronically, but a
> friend of mine built a robot. [1]
>
> But if you have a strong passphrase, things are looking good. But
> what about Cold Boot or DMA?
>
> I don't believe you can do a DMA attack against most Android phones -
> it's just a USB port. But what about the HDMI-mini port? And is the
> iPhone Thunderbolt/Lightning connector hooked up to DMA?
>
> As far as cold boot, I'm aware of the FROST paper[2], but that isn't a
> commercialized offering, nor does it seem reliable or robust enough
> for law enforcement needs. Chip-off attacks are very unlikely. AFAIK
> iPhone jailbreaks require you to unlock your phone for technical
> reasons, so those aren't possible without an unlocked phone (although
> I'm not positive about that.)
>
> Does anyone know about anything in this space? Where an 'ordinary' law
> enforcement agency (e.g. the NYPD, not the NSA) could shortcut a
> strong passphrase on a phone technically? (e.g. not beating it out of
> someone?)
>
> -tom
>
> [0] http://www.elcomsoft.com/eift.html#passcode
> [1] http://boingboing.net/2013/07/26/pin-punching-200-robot-can-br.html
> [2] https://www1.informatik.uni-erlangen.de/frost
> _______________________________________________
> cryptography mailing list
> cryptography@randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography