iOS 10 backups are easier to crack, but Apple promises to fix security flaw

Forensic researcher claims iOS 10 local backups are easier to crack since the security protection is 2,500 times weaker than in iOS 9, but Apple promised to roll out a patch for the security flaw.

texting woman iphone macbook
Credit: William Iven

After Apple’s battle over encryption with the FBI, you’d expect Apple’s newest iOS to continue the trend of providing even better privacy and security than the previous iOS version. Sadly, that’s currently not true as iOS 10 has a “major security flaw” which leaves the data locally backed up to iTunes much more vulnerable to password cracking.

At least that is what Russian forensic software company Elcomsoft claimed on Friday. Apple allegedly weakened the method for protecting local backup files in iOS 10 by skipping some security checks. In other words, the security mechanism for protecting iOS 10 backups, which are saved locally on a computer via iTunes, are more susceptible to password-cracking tools.

“The new security check is approximately 2,500 times weaker compared to the old one that was used in iOS 9 backups,” Elcomsoft researcher Oleg Afonin announced.

Elcomsoft, which makes forensic software to gain access to password-protected, locked and encrypted information on mobile devices, was tweaking its Phone Breaker software so it would work on iOS 10. That’s when the company discovered the “alternative password verification mechanism” which Apple added to iOS 10 backups.

Even if you look at it with a jaded eye, thinking it’s a handy approach for selling forensic software, Elcomsoft said it can crunch 6,000,000 passwords per second, making it 40 times faster than the “old method” that had GPU acceleration – something the new method does not have.

It is because Apple makes secure smartphones that forensic investigators focus on data backups. “Forcing an iPhone or iPad to produce an offline backup and analyzing resulting data is one of the very few acquisition options available for devices running iOS 10,” Elcomsoft said. If an attacker or law enforcement can crack the password, then they can nab decrypted data – everything in the backup, including the keychain.

“Keychain is Apple’s protected storage that is additionally encrypted on a file level (on top of the already active full-disk encryption that works on a block level),” explained Afonin. “While stored on the device, the keychain is encrypted with a key that is buried deep in Secure Enclave. Even if you can jailbreak a 64-bit iOS device (iPhone 5s and newer), you would still be unable to extract decryption keys for the keychain.”

Password security expert Per Thorsheim wants to know if Apple purposefully used a weaker hashing algorithm, since the company “changed from PBKDF2” algorithm, (SHA1), “with 10,000 iterations into using a plain SHA256 hash with a single iteration only.” He doesn’t believe the change happened by “pure error,” since Apple had many iOS 10 beta versions.

Thorsheim wrote, “The interesting question for Apple to answer is whether this massive weakening of your security and privacy is intentional, if it is a stupid glitch, or is it clueless crypto/developers?”

Surely after going toe-to-toe with the feds over encryption and people’s right to privacy, the issue is a result of a big-time security blunder and not intentionally stabbing users in the back to please law enforcement? It is important to note that this not a remote hack and does not apply to iCloud backups. An attacker, or law enforcement, would need access to a victim’s computer where the local backup is stored.

Apple acknowledged the issue and promised the flaw will be fixed via an upcoming patch. Apple told Forbes:

We’re aware of an issue that affects the encryption strength for backups of devices on iOS 10 when backing up to iTunes on the Mac or PC. We are addressing this issue in an upcoming security update. This does not affect iCloud backups. We recommend users ensure their Mac or PC are protected with strong passwords and can only be accessed by authorized users. Additional security is also available with FileVault whole disk encryption.

The march toward exascale computers
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies