New tool cracks Apple iWork passwords
Russian cryptography company ElcomSoft has developed a tool that makes cracking iWork document passwords easier.
Apple offers a number of options for securing your data on a Mac, including enabling FileVault for whole disk encryption in Lion (or home folder encryption in prior versions of OS X), and encrypted disk images for securing collections of documents.
In addition, as with other software developers, Apple has included options to secure individual documents for some of its programs, such as those in its iWork productivity suite.
To do this in iWork, create or open a document in Pages, Numbers, or Keynote, and then open the inspector window by clicking its icon in the toolbar or by pressing Option-Command-I. Then select the "Document" section in the inspector and check the option to require a password to view the document. After supplying a your password and confirming it, the document will now require you supply this password whenever it is opened.
While Apple uses 128-bit AES encryption in its password-protected documents, unless you use a good password, then it is quite feasible that the password can be cracked. Recently, Russian forensics cryptology company ElcomSoft issued a press release claiming it has updated its Distributed Password Recovery tool so it can recover the password used for securing iWork documents; however, while some recent efforts such as have performed hacks that take advantage of security holes in systems, this new effort is just an educated brute-force attack.
ElcomSoft assumes that because iWork is a commercial product, consumers will likely use passwords that are easier to figure out, such as those that use names and dictionary terms. As a result, the company's tool performs a massive distributed dictionary brute-force attack that is able to test a few hundred passwords per second for every CPU included in the attack (up to 64 CPUs and 32 GPUs per processing node, with linearly scaling performance increases up to 10,000 nodes).
The more CPUs that can be recruited to do the job, the faster the process will go; however, despite this ability, ElcomSoft CTO Andy Malyshev claims "the recovery process is painfully slow," and states Apple's use of 128-bit AES encryption makes the brute-force attack the "only feasible solution" to password recovery.
This is not the first time in recent weeks that Apple's security options have been tested. Recently to help forensic agencies, password decryption company Passware described its ability to recover Apple's FileVault 2 encryption keys from system memory using FireWire's Direct Memory Access (DMA) features. ElcomSoft's efforts are likewise targeted for helping forensics investigations, and the recovery software tool will cost $599 per license.
ElcomSoft's tool is not only designed to work against iWork documents, but also is used to guess the passwords for Office documents, Windows and Unix log-ons, PDF documents, and numerous other technologies.
As with the Passware attack on FileVault, this new approach is only a clever workaround and does not break the encryption schemes that Apple uses. Therefore, these recent claims only help confirm that Apple's security implementation in iWork is well-done, and suggests the real problem is that people often use insecure passwords that can be easily guessed.
To help avoid this, it is best to ensure the passwords you use are high-quality, and are not patterned in ways that might be easy to guess. If you need help in choosing a good password to use for a document or system service,as part of its security framework that can be invoked through programs built with this framework.