Apple iOS backups
Summary
- Hash algorithms used: SHA-1
- Encryption algorithms used: AES
- Complexity of attack: High
- Password recovery speed: thousands (CPUs), tens of thousands (GPUs)
- CPU optimizations: MMX, SSE2, AVX, XOP
- NVIDIA GPUs support: G80+ (GT8600 and higher)
- AMD GPUs support: RV710+ (HD4350 and higher)
General information
Apple iOS 4.x — 12.x backups using PBKDF2 (RFC 2898) with 10000/10000000 iterations
for key derivation. Key container file contains several AES "wrapped" keys (RFC 3394)
used for further encryption. Backups by default placed at:
%APPDATA%\Apple Computer\MobileSync\Backup\directory. For Windows 7 this means:
\Users\(username)\AppData\Roaming\Apple Computer\MobileSync\Backup\For Windows XP:
\Documents and Settings\(username)\Application Data\Apple Computer\MobileSync\Backup\Each device having separate subdirectory and manifest.plist file inside it contains encrypted key container.
Attack settings
Standard attacks (brute-force with optional mask, dictionary based) are applicable, no specific settings required.
Additional information
Apple iOS 3.x backups are not supported by this software (yet).