iOS 10 comes with more than a redesigned iMessage and widgets. It also ships with a serious design defect that makes it vastly easier to crack password-protected backups.
Moscow-based ElcomSoft discovered the flaw, which is centered around local password-protected iTunes backups. On iOS 10, these now have a weak secondary security mechanism which “skips certain security checks”. This makes it possible to launch a brute-force attack – where different passwords are tested until the correct one is identified – up to 2,500 faster than iOS 9.
This separate security mechanism is distinct to iOS 10; it doesn’t affect earlier versions. It also exists in parallel with the earlier, more secure system.
Technical details are scarce on the ground, but ElcomSoft believes that the flaw is because Apple changed the iOS 10 hashing algorithm from a secure one to a vastly weaker one.
Apple have moved from pbkdf2(sha1) with 10K iterations to a plain sha256 hash with a single iteration only. Bruteforce with CPU!
— Per Thorsheim (@thorsheim) September 23, 2016
According to ElcomSoft, this flaw means that it’s possible to test 6 million passwords per second on iOS 10, using a computer with an Intel Core i5 CPU.
It’s worth emphasizing that this exploit can’t be used remotely. The attacker needs to have access to your local backup, which contains everything from media files, to HealthKit and HomeKit data, and more.
ElcomSoft are well known for their password- and DRM-defeating software. The Moscow-based firm has been around since 1990, and has defeated security measures from the likes of Adobe and Microsoft, often landing its researchers in legal hot water in the process.
We’ve reached out to Apple and will update this story if there’s a response.