Researchers able to predict Apple iOS-generated hotspot passwords

Although iOS generates seemingly random passwords for its hotspots to eliminate the use of 'default' passwords, researchers at a German university have found that they are able to break these passwords in under a minute.
Written by Michael Lee, Contributor

Researchers at the University of Erlangen in Germany have found a flaw in the automatically generated pre-shared keys used in Apple's iOS hotspots that could make them susceptible to attack in under a minute.

Under iOS, users have the option to specify their own passwords to secure their device when it is used as a personal hotspot. However, for convenience and security, Apple initially populates the password field with an automatically generated password. This ensures that even users who are not security conscious enough to change their password from the default will be protected from those attempting to access their phone with a default password.

However, according to three researchers from the German university, the method in which these passwords are generated leaves them vulnerable to attack. According to their paper, Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots (PDF), the passwords are a combination of a short dictionary word followed by a series of random numbers.

This does allow each password to be different, but, according to the researchers, an attacker can easily determine what passwords iOS uses for its defaults, because there is a limited list of words that are used to generate the password.

"This list consists of around 52,500 entries, and was originated from an open-source Scrabble crossword game. Using this unofficial Scrabble word list within offline dictionary attacks, we already had a 100 percent success rate of cracking any arbitrary iOS hotspot default password," the researchers wrote.

After capturing the wi-fi connection handshake, the researchers used an AMD Radeon HD 6990 GPU to iterate over all items in the list, including the permutations of additional numbers, taking them 49 minutes to brute force the password.

But the passwords used by the operating system aren't always picked at random. In fact, the researchers found that only a small subset of the 52,500 entries were being used.

"Only 1,842 different entries of that dictionary are taken into consideration. Consequently, any default password used within an arbitrary iOS mobile hotspot is based on one of these 1,842 different words."

This, combined with an increase in cracking hardware — a GPU cluster consisting of four AMD Radeon HD 7970s — allowed the researchers to crack any iOS hotspot with an OS-generated password within 50 seconds. Although such hardware is physically out of the reach of most users, the researchers said that similar resources are easily available through today's cloud computing technologies.

The paper criticises the approach of making such hotspot passwords easy to remember, and calls for vendors to use truly randomised passwords as their defaults.

"In the context of mobile hotspots, there is no need to create easily memorisable passwords. After a device has been paired once by typing out the displayed hotspot password, the entered credentials are usually cached within the associating device, and are reused within subsequent connections," the paper states.

"System-generated passwords should be reasonably long, and should use a reasonably large character set. Consequently, hotspot passwords should be composed of completely random sequences of letters, numbers, and special characters."

It should be noted that Apple does, however, do more for consumers than many other vendors that simply have static passwords as their defaults. Likewise, Windows Phone and Android may have similar issues.

"Default passwords in Windows Phone 8 consist of only eight-digit numbers. As this results in a search space of 108 candidates, attacks on Windows-based hotspot passwords might be practicable. Moreover, while the official version of Android generates strong passwords, some vendors modified the wi-fi-related components utilised in their devices and weakened the algorithm of generating default passwords."

Editorial standards