[cryptography] Fwd: Re: Commercialized Attack Hardware on SmartPhones
ag4ve.us at gmail.com
Sun Mar 2 11:37:51 EST 2014
---------- Forwarded message ----------
From: "shawn wilson" <ag4ve.us at gmail.com>
Date: Mar 2, 2014 11:37 AM
Subject: Re: [cryptography] Commercialized Attack Hardware on SmartPhones
To: "Tom Ritter" <tom at ritter.vg>

How about a dictionary and rules. Even if you choose an alphanumeric
"strong" pass, you're kinda limited to the phone's keyboard - you're not
going to want to switch case or between letters and special too often.
Also, IIRC Android limits length to 15 chars. I also don't think the screen
lock can be different than the boot pass (so everything I said above should
Basically what I'm saying is use hashcat.

On Mar 2, 2014 10:34 AM, "Tom Ritter" <tom at ritter.vg> wrote:
> Hey all, wondering if anyone knows of any commercialized hardware
> (e.g. developed into a product, not just a research paper) that
> conducts attacks on powered-on, Full Disk Encrypted Android/iPhone
> phones that _isn't_ PIN guessing?
>
> So a powered-off FDE-ed iPhone or Android can be attacked by brute
> force with no limiting factor. A good example of this type of
> software is Elcomsoft - they brute force the passphrase.
>
> A powered-on FDE-ed iPhone or Android can also be attacked by manual
> or automated PIN entry - on the iPhone this can introduce a lockout,
> but not on Android. Assuming they can't see your smudges and guess
> the PIN/Swipe/password of course. I'm not sure if I know of a
> commercialized solution to this that does it electronically, but a
> friend of mine built a robot.
>
> But if you have a strong passphrase, things are looking good. But
> what about Cold Boot or DMA?
>
> I don't believe you can do a DMA attack against most Android phones -
> it's just a USB port. But what about the HDMI-mini port? And is the
> iPhone Thunderbolt/Lightning connector hooked up to DMA?
>
> As far as cold boot, I'm aware of the FROST paper, but that isn't a
> commercialized offering, nor does it seem reliable or robust enough
> for law enforcement needs. Chip-off attacks are very unlikely. AFAIK
> iPhone jailbreaks require you to unlock your phone for technical
> reasons, so those aren't possible without an unlocked phone (although
> I'm not positive about that.)
>
> Does anyone know about anything in this space? Where an 'ordinary' law
> enforcement agency (e.g. the NYPD, not the NSA) could shortcut a
> strong passphrase on a phone technically? (e.g. not beating it out of
>  http://www.elcomsoft.com/eift.html#passcode
>  http://boingboing.net/2013/07/26/pin-punching-200-robot-can-br.html
>  https://www1.informatik.uni-erlangen.de/frost