Tethered and vulnerable: Hotspot password FAIL not just in iPhones

The LOT OF YOU might as well pick 'em from Scrabble dictionary

High performance access to file storage

Analysis The recent discovery that Apple's iOS hotspot passwords are readily crackable in under 50 seconds is part of a wider problem involving other smartphone platforms, claim researchers.

As recently reported by El Reg and others, a team of security researchers discovered from the University of Erlangen, Germany discovered that passphrases auto-generated by the "Personal Hotspot" are far weaker than Apple claims.

Bad though Apple's implementation is, other smartphone manufacturers support similar features and their approach is even worse in some cases, according to preliminary - and overlooked - findings from Andreas Kurtz, Felix Freiling and Daniel Metz, the three members of the Erlangen team.

Other mobile platforms might be affected by these deficits as well. Although we did not analyze other platforms in detail, spot-checks have revealed that default passwords in Windows Phone 8 consist of only 8-digit numbers. As this results in a search space of 108 candidates, attacks on Windows-based hotspot passwords might be practicable.

Moreover, while the official version of Android generates strong passwords, some vendors modified the Wi-Fi related components utilized in their devices and weakened the algorithm of generating default passwords. For instance, some Android-based models of the smart-phone and tablet manufacturer HTC are even shipped with constant default passwords consisting of a static string (1234567890).

However, future studies will be necessary to evaluate the security level of mobile hotspots on other platforms in more detail.

A more detailed look at the security shortcomings of hotspot implementation on other smartphones is not yet available. Kurtz told El Reg: "Unfortunately, we did not analyze other mobile platforms in detail."

The Erlangen team advises users never to accept the auto-generated passphrases suggested by mobile phones for Wi-Fi hotspots, even if the suggested password appears on casual inspection to be secure. The advice applies to all smartphones but derives from a close look at how Apple's technology works in practice.

Apple iPhones and iPads with 3G support can be used as Wi-Fi access points, a feature Apple calls "Personal Hotspot". The technology is designed with ease of use in mind, so Apple allows punters to generate a WPA passphrase that users can share amongst themselves and that can be typed in easily.

The password generator creates a pronounceable string of up to six characters, and combines it with a four digit number. That ought to give 30 billion possible combinations. A brute force attack using a decent laptop testing 3,000 WPA keys per second against a sniffed Wi-Fi session would take 120 days to run through all possible combinations.

This isn't a practical attack, but Kurtz, Freiling and Metz didn't take such assumptions for granted, instead deciding to investigate how the feature really worked.

Passphrase bingo

As a first step they generated a sample of Personal Hotspot passphrases. They wrote down the pronounceable word part of these login credentials before searching the internet to see if the words appeared together anywhere in a downloadable list. As it turned out these iOS Wi-Fi password words almost always seemed to appear as entries from a table used by an open source Scrabble game, containing a dictionary of 52,000 words.

If Apple was using words from this list in combination with a four digit number (which multiples the range of possible combinations by 10,000) then they were using a range of just 52 million possible passphrases.

At this point the researchers formed a tentative theory that the Apple passphrase generator has a dictionary list under the bonnet. To find out what going on the researchers set about disassembling the passphrase generator code.

They discovered that the software first fed a pseudo-random non-word into a spell checker and captured what came back before adding four pseudo-random digits. Only words of between four and six characters that happened to get returned by the spell checker were accepted.

The researchers wrote their own implementation of the passphrase generation code and ran it 100 million times with pseudorandom input. Only 1,842 different words came back, evidence that Apple's implementation was actually far worse than if the fruity firm had just used a Scrabble dictionary. Apple's tool generated only 18 million possible passphrases.

Encryption's fine - it's the passphrases that suck

Using a GPU rig of graphics cards, something many attackers would be able to access, the researchers discovered they needed just 50 seconds to run through all possible combinations - making it possible to brute-force crack a hotspot passphrase in less than a minute.

The researchers published their findings in a paper entitled, Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots. Kurtz, Freiling and Metz note that Apple's crypto-snafu is based on weak default passwords rather than a deeper problem with the WPA2 encryption protocol, which remains secure.

Paul Ducklin, writing on Sophos's Naked Security blog, said the issue means users need to come up with their own passphrase rather than accepting Apple's suggested login credentials.

"Anyone who knows your WPA key and is around when you connect to your network can decrypt your traffic in real time," Ducklin warns. "And anyone who is around when you connect and can sniff your traffic can attempt to crack the password and decrypt your traffic later. Choose your own passphrase, and make it a good one, when using iOS's Personal Hotspot," he concludes.

Kurtz, Freiling and Metz also advise avoiding default passwords in a summary of their research that explains why been able to crack passwords quickly is important to potential attackers.

"As it is always good advice to replace initial default passwords by user-defined strong and secure passwords, this becomes particularly relevant on mobile hotspots passwords," they conclude. ®

High performance access to file storage

More from The Register

next story
Broadband Secretary of SHEEP sensationally quits Cabinet
Maria Miller finally resigns over expenses row
Skype pimps pro-level broadcast service
Playing Cat and Mouse with the media
Beat it, freetards! Dyn to shut down no-cost dynamic DNS next month
... but don't worry, charter members, you're still in 'for life'
Like Google, Comcast might roll its own mobile voice network
Says anything's possible if regulators approve merger with Time Warner
EE dismisses DATA-BURNING glitch with Orange Mail app
Bug quietly slurps PAYG credit - yet EE denies it exists
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
prev story


Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.