Apparently, iPhone passwords may not be as secure as one might believe. According to German security researchers from the Fraunhofer Institute for Secure Information Technology (Fraunhofer SIT), if you have physical access to the phone, passwords can be recovered from a locked Apple iPhone in six minutes.
But how is this possible? According to documentation on Fraunhofer’s site:
When an iOS device with hardware encryption capabilities is lost or stolen, many users believe that there is no way for a new owner to access the stored data — at least if a strong passcode is in place. This estimation is comprehensible, since in theory the cryptographic strength of the AES256 algorithm used for iOS device encryption should prevent even well equipped attackers. However, it was already shown that it is possible to access great portions of the stored data without knowing the passcode.
Tools are available for this task that require only small effort. This is done by tricking the operating system to decrypt the file system on behalf of the attacker. This decryption is possible, since on current iOS devices the required cryptographic key does not depend on the user’s secret passcode. Instead the required key material is completely created from data available within the device and therefore is also in the possession of a possible attacker.
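The design point in the quoted passage, as an added sketch that is not code from Fraunhofer or Apple: a key built only from device-held material can be recomputed by whoever holds the device, while a key that also mixes in the passcode cannot. The device key, salt, passcode, secret, labels and the toy HMAC-based cipher standing in for AES-256 are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed sample values (assumptions for this sketch, not real device data).
DEVICE_KEY = bytes(range(32))  # stands in for key material stored in the device
SALT = b"constructed-salt"
PASSCODE = "4821"
SECRET = b"corp-vpn-password"

def device_only_key(device_key):
    """Key built purely from data inside the device (the design the quote describes)."""
    return hmac.new(device_key, b"device-only", hashlib.sha256).digest()

def passcode_bound_key(device_key, passcode):
    """Key that also needs the user's passcode, stretched with PBKDF2."""
    stretched = hashlib.pbkdf2_hmac("sha256", passcode.encode(), SALT, 100_000)
    return hmac.new(device_key, b"passcode-bound" + stretched, hashlib.sha256).digest()

def _keystream(key, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key, plaintext):
    """Toy encrypt-then-MAC standing in for AES-256; each key is used once here."""
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return ct + hmac.new(key, b"tag" + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None when the key is wrong."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

def demo():
    item_a = seal(device_only_key(DEVICE_KEY), SECRET)
    item_b = seal(passcode_bound_key(DEVICE_KEY, PASSCODE), SECRET)
    # Whoever holds the device can recompute the device-only key without the passcode.
    return {
        "device_only_without_passcode": unseal(device_only_key(DEVICE_KEY), item_a),
        "bound_without_passcode": unseal(device_only_key(DEVICE_KEY), item_b),
        "bound_wrong_passcode": unseal(passcode_bound_key(DEVICE_KEY, "0000"), item_b),
        "bound_right_passcode": unseal(passcode_bound_key(DEVICE_KEY, PASSCODE), item_b),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```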
From the video above you can see the jailbreaking tool and script that Fraunhofer uses in action to access the secrets stored on the iPhone.
Big deal, one might say, they can read my text messages. Well, with smart phones becoming a standard enterprise network client, theoretically one could retrieve the passwords used to access corporate networks with this utility.
According to the researchers' site, all current iPhones and iPads are vulnerable to this attack.
It would seem that the dangers of leaving your laptop lying around now pertain to your smart phone too.