- Hash algorithms used: SHA-1
- Encryption algorithms used: AES
- Complexity of attack (BBB 5.x): Medium
- Complexity of attack (BBB 6.x): High
- Password recovery speed (BBB 5.x): millions (CPUs and GPUs)
- Password recovery speed (BBB 6.x): hundreds (CPUs), tens of thousands (GPUs)
- CPU optimizations: MMX, SSE2, AVX, XOP, AES-NI
- NVIDIA GPUs support: G80+ (GT8600 and higher)
- AMD GPUs support: not yet implemented
BlackBerry backups using PBKDF2 (RFC 2898) with 1 (version 5.x) or 20000 (version 6.x) iterations
for key derivation. Backup file encrypted with AES algorithm using 256-bit key.
Backups by default placed at:
%APPDATA%\Research In Motion\BlackBerry\directories. For Windows 7 this means:
\Users\(username)\Documents\BlackBerry\Backup\For Windows XP:
\Documents and Settings\(username)\Application Data\Research In Motion\BlackBerry\Backup files having *.ipd extensions.
Standard attacks (brute-force with optional mask, dictionary based) are applicable, no specific settings required.
As 5.x backups using very weird iteration count for PBKDF2 function (it's 1 — one) password recovery rate mainly limited by AES key setup function not SHA-1 function as it usually happens with PBKDF2-based password protection schemes. With hardware AES-NI support within modern CPUs they become very competitive comparing with GPUs. Though top end GPUs are still faster than CPUs with AES-NI the difference in password recovery speed is not that significant as for other algorithms (1.5-2x).
Note that the current version of Passcovery Suite doesn't support recovery of BB 5.x backup passwords on AMD (ATI) video cards.