Today, secret codes such as passwords and PINs are the most prevalent means for user authentication. Because of the constantly growing number of required secret codes, computer users are increasingly overtaxed. This leads to many problems in daily use, e.g., costs due to forgotten passwords in enterprises and security problems through bad password practice. Storing secret codes on mobile phones seems to be some kind of panacea to have secret codes always available since mobile phones are todays permanent companions. Code Memo is a software that is used on mobile phones to store secret codes in a safe way; it is provided as firmware on Sony Ericsson mobile phones. We assume that the intention of the Code Memo designers was to provide an ideal cipher system according to Shannons classifi cation, i.e., it leaves an adversary with uncertainty w.r.t. the correct decryption key. In this paper we show how to break Code Memo. For our attack, we have identified feedback channels in Code Memo that can be exploited for distinguishing correct master passwords from incorrect ones, and thereby, sieving candidates of master passwords. This weakness allows attackers in a realistic setting to identify the correct master password, and thus, to obtain all the stored passwords and PINs.
