
Completed first revision of article. Added distribution analysis to spreadsheet.

Puskás Zoltán authored on 19/05/2012 23:37:14
Showing 2 changed files

1 1
Binary files a/doc/analysis.ods and b/doc/analysis.ods differ
... ...
@@ -56,11 +56,12 @@ To find out what and how many patterns there are I have written a small
56 56
 program. It also can be used to generate random patterns for you to use on
57 57
 your device (the same way pwgen is used for password generation for computers).
58 58
 
59
-Let us compare the security of the pattern unlock to the old school PIN code.
60
-For that lets see the raw data:
59
+First let us see the numbers (both raw and derived data).
61 60
 
62 61
 [Look at spreadsheet data]
63 62
 
63
+Let us compare the security of the pattern unlock to the old school PIN code.
64
+
64 65
 As you can see for a given number of dots there are much fewer combinations
65 66
 than for the same amount of numbers when used in a PIN code. However it is 
66 67
 compensated for by limiting the speed and amount of tries. The phone allows
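Review bot: the moved sentence "Let us compare the security of the pattern unlock to the old school PIN code." now follows the "[Look at spreadsheet data]" placeholder, but that placeholder is still only a stub, and the second hunk later refers to "the table above"; the numbers live only in the binary doc/analysis.ods, so readers of the text have no table to look at. Either paste the relevant rows (pattern counts per dot count, and the per-dot-choice minimum and maximum) inline as a plain-text table, or link the spreadsheet explicitly where the placeholder sits. Minor wording in the same lines: "old school" reads better hyphenated as "old-school".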
... ...
@@ -78,10 +79,37 @@ combination and a 7 dot long pattern is similar in strength to a 5 digit PIN
78 79
 combination. However a 6 digit PIN is already more secure then all the
79 80
 patterns combined together.
80 81
 
81
-However life is not purely mathematical. Most (all?) of the touchscreens will
82
-retain a smudge from the fingers after usage. Sometimes it is just chaos but
83
-if the unlock pattern is used regularly the patterns path can be seen viewed
84
-from certain angles. This is also the case for the PIN mode. Dots on the screen
85
-can be seen at the locations of the numbers. So lets see how does this help
86
-the attacker.
82
+However life is not purely mathematical so let's consider factors not
83
+accounted for previously. 
84
+
85
+Most (all?) of the touch screens will retain a smudge from the fingers after
86
+usage. Sometimes it is just chaos but if the unlock pattern is used regularly
87
+the patterns path can be seen viewed from certain angles. This is also the case
88
+for the PIN mode. Dots on the screen can be seen at the locations of the numbers.
89
+This will tell the attacker what dots/numbers are used. In the case of the PIN
90
+the attacker is not really helped out since the length of the PIN is still
91
+unknown to him, so there is still a lot of possibilities (since one number can
92
+be used multiple times). 
93
+
94
+In the case of pattern unlock the used dots will be known and thus the number of
95
+patterns reduced significantly. In the table above one can see the distribution
96
+of pattern counts for different dot counts. For 4 long patterns for a given dot
97
+choice at maximum there will be 24 patterns, but what is worse for some choices
98
+there are only 2 valid patterns! 
99
+
100
+This means that given 20 tires with the smudge the attacker can get access to
101
+the device with a high probability. The situation is slightly better for 5 dot
102
+long patterns, somehow acceptable for 6 length patterns and goes beyond 1%
103
+with 7 dots or more. An pattern path smudge (or a final patterns seen over the
104
+shoulder) will significantly reduce the security of the pattern unlock mechanism.
105
+
106
+Of course the smudge can be avoided by wiping the screen from time to time and
107
+over the shoulder peeking by disabling the path visibility in the settings (in
108
+this case the pattern is not drawn on the screen while unlocking).
109
+
110
+Conclusion
87 111
 
112
+The pattern unlock mechanism is an acceptable compromise between security and 
113
+comfort of the user. Still it is much weaker then the PIN unlock, so if you
114
+have important and/or sensitive data on the phone I still suggest using the
115
+good old PIN method.
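Review bot: the sentence "somehow acceptable for 6 length patterns and goes beyond 1% with 7 dots or more" does not say which way the 1% goes; since the paragraph is about the attacker's chance of success within 20 tries, state it directly, e.g. "the chance of success within 20 tries drops below 1% with 7 dots or more", and say where the 20-try figure comes from (the lock-out behaviour mentioned earlier in the article) so the reader can check it against the table. The PIN paragraph ("the attacker is not really helped out since the length of the PIN is still unknown") also overstates the contrast: once the smudge reveals which digits are used, the candidate space shrinks considerably for the common fixed length, and for a 4-digit PIN over 4 distinct smudged digits it is the same 24 orderings the next paragraph cites for patterns; qualify the claim rather than dismiss the help entirely. Typos in the added lines: "20 tires" should be "20 tries", "An pattern path smudge" should be "A pattern path smudge", "a final patterns seen" should be "a final pattern seen", and "more secure then" / "much weaker then" should use "than". The new "Conclusion" heading has no underline or marker, unlike the rest of the document; use whatever heading convention the article already uses.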