iOS 10.1 Update Released Removing Encrypted Backup Metadata

iOS 10.1.0 was publicly released today, fixing an issue that made it easier for password guessing software to brute force iPhone backup passwords.

The password-guessing vulnerability had to do with the new storage of encrypted metadata for iOS 10.0 backups. The iOS 10.0 backup file list for encrypted backups stored a hash of the backup password using SHA-256. This was stored separately from the keybag, which is protected with your password run through PBKDF2 with 10,000 iterations. (See the iOS Security Guide if you're curious about that :)) Essentially, in backups made with iOS 10.0 there were two places that stored a derivation of your iTunes backup password. One is the PBKDF2 backup keybag that's been around for years, the second was this new SHA-256 hash, which is easier to brute force.

So, the fix was to remove the encrypted metadata and the stored password hash. It also consequently "fixes" another issue I wrote about, caused by clicking "Change Password" in iTunes for iOS 10.0 devices.

The downside to this fix is that the encrypted metadata in iOS 10 backups was removed, and we're back to unencrypted metadata. That means things like the dates files were created or last modified, and file sizes are easily accessible again. But, even the iOS 10.0 backups with encrypted metadata still stored what apps were installed as well as backup file names in plain-text, so maybe it's not a big deal. :)