updated 08:15 pm EST, Fri February 10, 2012
Relies on brute force, forensic specialists
A somewhat sensationalist press release from Russian forensic-cryptology company ElComSoft claims that it can "crack" passwords users put on documents created in Apple's iWork software (which comprises Pages, Numbers and Keynote). However, the company admits that the attack is just a variation on a brute-force cracking method that attempts to guess the password.
ElComSoft's update to its Distributed Password Recovery tool can defeat the AES 128-bit key of Apple's iWork password scheme by presuming that users will likely use easy-to-guess passwords, and by committing multiple attacking CPUs and sufficient time to eventually try enough combinations to guess the password. The company also admits that the process, which can guess a few hundred passwords per second for each CPU included in the attack is still "painfully slow," reports CNet, but that the strength of the encryption scheme makes it the "only feasible solution."
The fact that forensic specialists using expensive custom software (ElComSoft's tool costs $600 per seat) and brute-force attacks might crack an iWork password would not be surprising to most users, few of whom routinely password-protect individual documents anyway. Apple could (and might in a future version) increase the complexity of the encryption to a 256-bit AES key instead of 128-bit, but brute-force attacks could still (given additional resources and time) conceivably guess the password.
The press release is not dissimilar to Passware's recent claim of being able to forensically recover Filevault 2 encryption keys (if they still reside in active RAM) through the Firewire port of a Mac; in both cases, physical access to the machine is required, and the hacks do not actually break the encryption method. CNet notes that both companies are inadvertently admitting that Apple's choices for encryption are sufficiently strong for typical use and require very advanced, coordinated and expensive methods to circumvent. It also points out that the company includes a strong-password generator built into Keychain Access and various applications that allow document passwords so allow users can quickly create independent, high-security passwords using a combination of letters, caps and numbers to make passwords extremely resistant to all manner of attempts to recover or circumvent them. [via CNet]