[cryptography] Commercialized Attack Hardware on SmartPhones

Kevin kevinsisco61784 at gmail.com
Sun Mar 2 11:47:33 EST 2014

On 3/2/2014 10:33 AM, Tom Ritter wrote:
> Hey all, wondering if anyone knows of any commercialized hardware
> (e.g. developed into a product, not just a research paper) that
> conducts attacks on powered-on, Full Disk Encrypted Android/iPhone
> phones that _isn't_ PIN guessing?
> So a powered-off FDE-ed iPhone or Android can be attacked by brute
> force with no limiting factor.  A good example of this type of
> software is Elcomsoft [0] - they brute force the passphrase.
> A powered-on FDE-ed iPhone or Android can also be attacked by manual
> or automated PIN entry - on the iPhone this can introduce a lockout,
> but not on Android.  Assuming they can't see your smudges and guess
> the PIN/Swipe/password of course.  I'm not sure if I know of a
> commercialized solution to this that does it electronically, but a
> friend of mine built a robot. [1]
> But if you have a strong passphrase, things are looking good.  But
> what about Cold Boot or DMA?
> I don't believe you can do a DMA attack against most Android phones -
> it's just a USB port.  But what about the HDMI-mini port?  And is the
> iPhone Thunderbolt/Lightning connector hooked up to DMA?
> As far as cold boot, I'm aware of the FROST paper[2], but that isn't a
> commercialized offering, nor does it seem reliable or robust enough
> for law enforcement needs.  Chip-off attacks are very unlikely.  AFAIK
> iPhone jailbreaks require you to unlock your phone for technical
> reasons, so those aren't possible without an unlocked phone (although
> I'm not positive about that.)
> Does anyone know about anything in this space? Where an 'ordinary' law
> enforcement agency (e.g. the NYPD, not the NSA) could shortcut a
> strong passphrase on a phone technically? (e.g. not beating it out of
> someone?)
> -tom
> [0] http://www.elcomsoft.com/eift.html#passcode
> [1] http://boingboing.net/2013/07/26/pin-punching-200-robot-can-br.html
> [2] https://www1.informatik.uni-erlangen.de/frost
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
Perhaps I am in the dark about this, but I'm sure attacking Android is
quite simple as mobile security is fairly new.  I have to wonder why you
are asking?

