Apple reaffirms security, privacy of encrypted iMessages

post #1 of 51
Thread Starter 
Apple on Friday issued a statement affirming the security of their iMessage instant messaging service, rebuking suggestions that the company could, if forced by court order, intercept the encrypted missives.

"iMessage is not architected to allow Apple to read messages," Apple spokeswoman Trudy Muller said in a blunt statement to AllThingsD regarding recent suggestions that the iMessage protocol could be subject to a wiretap. "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."

iMessage security has been a hot topic seemingly since the public release of the service alongside iOS 5 in 2011 when Apple's news release touted the feature as having "secure end-to-end encryption."

The United States Drug Enforcement Agency famously complained in April of this year that iMessage's secure design prohibited the agency from spying on suspects. The DEA circulated a memo to staff, warning that "iMessages between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider."

Apple's messaging service utilizes public key cryptography to secure its communications. Broadly speaking, public key cryptography works by encoding data with one key such that it can only be decoded with a different, mathematically matched, key.

Both keys are generated at the same time and are considered to be a "key pair"; one key cannot be deduced from the other.

Apple's vehement response comes after suggestions from security firm QuarksLAB gained publicity this week. They suggested that Apple, which controls distribution of both keys via their central servers, can read users' iMessages by performing what is known as a "man-in-the-middle" attack, in which the central servers would transparently pass illegitimate key pairs between devices. The illegitimate key pairs would theoretically be generated by Apple, and thus allow the company to intercept iMessages.
post #2 of 51
QuarksLAB is doing what everybody does these days. Shameless.
post #3 of 51
Quote:
Originally Posted by MacManFelix View Post

QuarksLAB is doing what everybody does these days. Shameless.

What are they doing that everybody else is doing?

post #4 of 51
If they want to put this to rest, then they should have a few respected outside security experts come and do an audit of the system. Just saying, "That's not how our system works" won't stop the speculation and click-bait articles declaiming the possible/theoretical insider MitM vulnerabilities. I'm not talking about making the whole architecture opensource or anything, just a third-party audit of the security code much like they have outside firms audit their financial records.
post #5 of 51
Quote:
Originally Posted by MilSF1 View Post

If they want to put this to rest, then they should have a few respected outside security experts come and do an audit of the system. Just saying, "That's not how our system works" won't stop the speculation and click-bait articles declaiming the possible/theoretical insider MitM vulnerabilities. I'm not talking about making the whole architecture opensource or anything, just a third-party audit of the security code much like they have outside firms audit their financial records.

You're missing the salient point. Quarks is not misconstruing Apple's system. And Apple is not saying they are. Before criticizing any party, try reading Quarks' report and Apple's rebuttal. Of course, no need to do so if you just want to make a *soundbite* for the sake of it.

post #6 of 51
If the key pair is generated in Apple's server, surely they could use them or pass them on if required. For all we know the DEA wants everyone to use iMessage because they do just that.

Who cares, it's safer to assume the government can read your messages on all these devices and use alternate comm's methods if you need privacy.
post #7 of 51
Quote:
Originally Posted by robbiuno View Post

If the key pair is generated in Apple's server, surely they could use them or pass them on if required. For all we know the DEA wants everyone to use iMessage because they do just that.

Who cares, it's safer to assume the government can read your messages on all these devices and use alternate comm's methods if you need privacy.

True. Assume nothing is safe and you'll get it just about right.

Proud AAPL stock owner.

GOA
post #8 of 51

QuarksLAB is trying what every other troll entity is doing:  Publishing a false negative article about Apple in order to gain eyeballs and publicity.

 

Anything negative about Apple gains a lot of publicity and immediate Pavlovian reaction from pro-Apple activists.  That is simply a fact of the world. And this is taken advantage of by anyone seeking publicity, notoriety and eyeballs to make more money from web-ads.

 

 

Quote:

Originally Posted by MacManFelix View Post

QuarksLAB is doing what everybody does these days. Shameless.

 

Quote:
Originally Posted by StruckPaper View Post
 

What are they doing that everybody else is doing?

post #9 of 51
Quote:
Originally Posted by SpamSandwich View Post
True. Assume nothing is safe and you'll get it just about right.

The thing is that whether absolute secrecy is a good thing or not depends on the circumstances. It is all relative. During WW2 there were many resistance movements working against the Germans. From our pov absolute secrecy would have been fantastic. The Germans in turn were famously trying to communicate in secrecy to orchestrate their u-boat attacks. Turing famously cracked the code and we are all grateful. Do I want 'the government' to be able to access any communication it pleases? Absolutely not, I don't trust any government not to abuse its powers. Do I want terrorist groups (that is also a relative term, of course) to be able to communicate with 100% assurance they will not be listened in on? I don't think so.

post #10 of 51
Quote:
Originally Posted by StruckPaper View Post

What are they doing that everybody else is doing?

Name dropping Apple for attention. Stating things as fact that they can't prove. And so on

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

post #11 of 51
Quote:
Originally Posted by robbiuno View Post

If the key pair is generated in Apple's server, surely they could use them or pass them on if required. For all we know the DEA wants everyone to use iMessage because they do just that.

Who cares, it's safer to assume the government can read your messages on all these devices and use alternate comm's methods if you need privacy.

 

This. I think anyone who assumes the government can't crack Apple's encryption is on the losing side. If I were the DEA I'd leak internal memos saying we can't crack Apple's code too. It's called 'fishing for drug dealers dumb enough to believe that'.

post #12 of 51
Quote:
Originally Posted by StruckPaper View Post

You're missing the salient point. Quarks is not misconstruing Apple's system.

You're right they didn't misconstrue anything. Because that term's connotation is that any false information is given by accident.

Quarks lied. They stated something they have no reasonable expectation of authority to know what they are talking about and no hard proof of it.

They didn't find a hole that lets them calculate the keys, decode the messages etc. They simply said that Apple is lying and can look up the key for any person they want and decode messages any time they want and lied that they could not.

Quarks can't prove this, knows they can't prove this, but stated it anyway. So no they didn't mistakenly state false information, they flat out lied. Something none of the hit whoring sites and blogs, including this one, bother to ever point out. Because they care more about the page hits than the truth. Which is why when Apple replies they will cast it as the act of a desperate company and so on.

post #13 of 51
QuarksLAB is speculating on Apple's security based on how QuarksLAB would set up a messaging system. They have no actual knowledge of Apple's architecture and/or implementation of crypto for iMessage. They are simply grand-standing some potential vulnerabilities and hoping that some stick.

Who knows, perhaps their suggested MitM attack is possible, but perhaps Apple's security team architected iMessage to use an architecture that protects against server-side MitM attacks. Perhaps they are also using a one-off non-repeating cypher stream and uniquely-generated key pairs for each exchange that are destroyed immediately afterwards.

Who knows? QuarksLAB certainly doesn't!
post #14 of 51
We all know Apple is evil. We just needed "proof". /s

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
post #15 of 51
Quote:
Originally Posted by robbiuno View Post

If the key pair is generated in Apple's server, surely they could use them or pass them on if required.

Another statement made on assumptions and a lack of information. Same thing these 'experts' are doing. They haven't proven their claims and yet sites are picking up their claims as facts. Why? Because folks like you and those even less educated about tech will assume that a 'security company' would never say something that isn't true without noting the total lack of proof.

Same stunt stock analysts use all the time because they know that in general folks are stupid and too lazy to really think about what is being said. And sites play party to it because Apple gets page hits.

post #16 of 51
Quote:
Originally Posted by Frood View Post

This. I think anyone who assumes the government can't crack Apple's encryption is on the losing side. If I were the DEA I'd leak internal memos saying we can't crack Apple's code too. It's called 'fishing for drug dealers dumb enough to believe that'.

If they were going for that kind of a stunt they would claim they can't read basic SMS or such that it's on all phones. Cause even the dumbest drug dealer knows that burner flip phones are the best to use. Make them think no one can find them in any phone not just this restricted service.

post #17 of 51
I really hope no one is surprised by QuarksLAB's FUD claim; Apple's iMessage service is no better or worse than any other messaging system. Anyone who is in control of a service can do pretty much anything with the data they collect; look at the Lavabit debacle, where they preferred to close shop rather than comply with the feds' order to give them all their clients' data.
post #18 of 51

People can snidely suggest what they like but the evidence that iMessage and Facetime are encrypted and sealed off from the NSA is that they have been complaining in Memos about message trails going dark at Apple.

From April 2013: "A recent Justice Department memo revealed by CNET shows law enforcement’s frustration with Apple’s encrypted iMessage software. The internal memo, sent by the Drug Enforcement Administration, calls iMessages “a challenge to DEA intercept” and notes that messages sent between two Apple devices — the ones that turn blue in users’ chat windows — cannot be captured by monitoring devices.”

Do these Quarkslab people think the NSA is playing dumb to make Apple look secure? I think not!

post #19 of 51
Quote:
Originally Posted by charlituna View Post


Another statement made on assumptions and a lack of information. Same thing these 'experts' are doing. They haven't proven their claims and yet sites are picking up their claims as facts. Why? Because folks like you and those even less educated about tech will assume that a 'security company' would never say something that isn't true without noting the total lack of proof.

Same stunt stock analysts use all the time because they know that in general folks are stupid and too lazy to really think about what is being said. And sites play party to it because Apple gets page hits.

Did you actually read the Quarks report?  They offered a pretty thorough run down of the parts of the protocol that are exposed at the client side, and how the infrastructure handler works and would be able to decrypt the message.  And they plainly stated that even though Apple theoretically could read your iMessages, that doesn't mean that they are, or that their internal processes are set up today in a way that would make the process trivial.  Apple's response said much the same thing - "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."

 

It disputes the interpretation of Apple saying they "can't" read your messages - maybe they can't right now, right this second, with everything set up exactly as it is, but they have the power to change those things so that they can.  Just like I can't run a marathon right now, as I'm not at peak fitness, and I've left my running shoes at home; but give me a little while and under my own power I'll be able to.

 

A more interesting discussion than outrage at the attacks on Apple would be talking about how Apple can assure their customers that the infrastructure will not be changed to allow them (or other agencies) to snoop, and what protection users have from a court order on Apple.  "Trust us" doesn't really work as a security feature.  This is an area where Apple's corporate secrecy and ownership of its technology and infrastructure can be of concern to its customers.

censored

post #20 of 51
This just in, VISA has access to your VISA card number, AND pin, AND credit card verification code.

Also your older brother knows your weaknesses! Beware of big brother!
post #21 of 51
Quote:
Originally Posted by Crowley View Post

Did you actually read the Quarks report?  They offered a pretty thorough run down of the parts of the protocol that are exposed at the client side, and how the infrastructure handler works and would be able to decrypt the message.  And they plainly stated that even though Apple theoretically could read your iMessages, that doesn't mean that they are, or that their internal processes are set up today in a way that would make the process trivial.  Apple's response said much the same thing - "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."

It disputes the interpretation of Apple saying they "can't" read your messages - maybe they can't right now, right this second, with everything set up exactly as it is, but they have the power to change those things so that they can.  Just like I can't run a marathon right now, as I'm not at peak fitness, and I've left my running shoes at home; but give me a little while and under my own power I'll be able to.

A more interesting discussion than outrage at the attacks on Apple would be talking about how Apple can assure their customers that the infrastructure will not be changed to allow them (or other agencies) to snoop, and what protection users have from a court order on Apple.  "Trust us" doesn't really work as a security feature.  This is an area where Apple's corporate secrecy and ownership of its technology and infrastructure can be of concern to its customers.

Please tell me what tech company do you trust?
post #22 of 51

So let me get this straight (imagine Christopher Walken saying this):

 

"If I channel.... my communications... through... an intermediary... THEY HAVE MY COMMUNICATIONS?!?!"

 

The shock!  The outrage!  The stupid people!  Rabble rabble rabble!

I have seen the future, and it's my mac mini server. I love that little guy...
post #23 of 51
Quote:
Originally Posted by charlituna View Post


You're right they didn't misconstrue anything. Because that term's connotation is that any false information is given by accident.

Quarks lied. They stated something they have no reasonable expectation of authority to know what they are talking about and no hard proof of it.

They didn't find a hole that lets them calculate the keys, decode the messages etc. They simply said that Apple is lying and can look up the key for any person they want and decode messages any time they want and lied that they could not.

Quarks can't prove this, knows they can't prove this, but stated it anyway. So no they didn't mistakenly state false information, they flat out lied. Something none of the hit whoring sites and blogs, including this one, bother to ever point out. Because they care more about the page hits than the truth. Which is why when Apple replies they will cast it as the act of a desperate company and so on.

You either didn't read or didn't understand their analysis. But yet you feel passionate about this. LOL!!!

post #24 of 51
Quote:
Originally Posted by charlituna View Post


Same stunt stock analysts use all the time because they know that in general folks are stupid and too lazy to really think about what is being said. And sites play party to it because Apple gets page hits.

Well, you are proving your own point.

post #25 of 51
Quote:
Originally Posted by MyopiaRocks View Post
 

So let me get this straight (imagine Christopher Walken saying this):

 

"If I channel.... my communications... through... an intermediary... THEY HAVE MY COMMUNICATIONS?!?!"

 

The shock!  The outrage!  The stupid people!  Rabble rabble rabble!

Try to understand something before mocking it. Otherwise, you are just making a mockery of yourself.

post #26 of 51
Quote:
Originally Posted by matrix07 View Post


Please tell me what tech company do you trust?

If you trust Apple (and you should), then you might appreciate that they are not truly refuting the Quarks report. But, if you are like others (such as Charlatan), then by calling Quarks liars you are really not trusting Apple.

post #27 of 51

Isn't that report kinda like saying that someone could gain unlawful entry into my neighbor's house if he were to leave a spare key under a rock in the garden and a thief were to find that key?

 
Sure sounds like my neighbor is just asking for someone to break in and is not being at all safe.
 

Let's ignore the fact that I have no knowledge of whether or not my neighbor does in fact leave a key under a rock in the garden - or whether he has additional locks, bars, other security devices or an alarm system etc that would alert him to a break in or prevent or stop it. 

post #28 of 51
Quote:
Originally Posted by enzos View Post
 

People can snidely suggest what they like but the evidence that iMessage and Facetime are encrypted and sealed off from the NSA is that they have been complaining in Memos about message trails going dark at Apple.

From April 2013: "A recent Justice Department memo revealed by CNET shows law enforcement’s frustration with Apple’s encrypted iMessage software. The internal memo, sent by the Drug Enforcement Administration, calls iMessages “a challenge to DEA intercept” and notes that messages sent between two Apple devices — the ones that turn blue in users’ chat windows — cannot be captured by monitoring devices.”

Do these Quarkslab people think the NSA is playing dumb to make Apple look secure? I think not!

1. DEA ≠ NSA

2. Read the damn reports before commenting.

post #29 of 51

Apple doesn't keep information it doesn't want to know. This protects it from having that information subpoenaed or stolen. If the government passes a law requiring it to keep certain information, then it has no choice. If there are laws on the books that can require Apple to change their mass-market messaging software so that it logs more information, or change its protocols to enable a wiretap, then there's nothing Apple can do about that. But changing a live system that carries billions of messages a day is not easy, and Apple could put up quite a bit of resistance. It's strongly in Apple's economic interest to be on the side of its customers' privacy in this matter.

post #30 of 51
iMessagegate
post #31 of 51
As far as I can tell from the report, the issue is this:

1. Apple's servers tell each client the other one's public key, so they know how to encrypt the message.

2. The message is encrypted using this key and sent via Apple's servers to the target device.

 

The issue is in the first step: Apple control the key distribution. It would be entirely possible for them to tweak the key servers so that for a particular list of users an insecure key is sent instead. This would then let them decrypt or do whatever they feel like to the message in transit. And it's not impossible to imagine that the NSA would request (or rather demand) wiretaps like this on "suspicious" individuals.

 

According to what Apple's said though, their system currently isn't set up in a way that would make this possible (presumably the infrastructure needed to decrypt / alter the target messages doesn't exist), so there isn't anything to worry about right now. 

 

It's still interesting to know about potential issues like this though, even if they're strictly theoretical and you couldn't really do anything about them anyway.

post #32 of 51
Quote:
Originally Posted by DarkLite View Post
 

1. Apple's servers tell each client the other one's public key, so they know how to encrypt the message.

2. The message is encrypted using this key and sent via Apple's servers to the target device.

 

The issue is in the first step: Apple control the key distribution. It would be entirely possible for them to tweak the key servers so that for a particular list of users an insecure key is sent instead. This would then let them decrypt or do whatever they feel like to the message in transit. And it's not impossible to imagine that the NSA would request (or rather demand) wiretaps like this on "suspicious" individuals.

 

According to what Apple's said though, their system currently isn't set up in a way that would make this possible (presumably the infrastructure needed to decrypt / alter the target messages doesn't exist), so there isn't anything to worry about right now. 

 

It's still interesting to know about potential issues like this though, even if they're strictly theoretical and you couldn't really do anything about them anyway.

Now here's a cogent, informed view. 

 

Kids, this is what happens when you read before commenting.

post #33 of 51

So let me get this straight. Apple is under attack because it could theoretically re-engineer its systems to read your iMessages when we know that Google is scanning your every email, instant message, contacts, browser history?!?! Apple needs to stop playing defense on this issue and go on the offensive and make people aware that Google is the real Big Brother of the internet.

 

Why don't we see articles like this directed at Google? Oh because everyone is afraid to challenge Google and risk watching their web traffic tank as Google retaliates. Google has way too much influence on the media and the market and something must be done about it.

cut the tech garbage and check me out at

www.appletechspot.com

post #34 of 51
Quote:
Originally Posted by DarkLite View Post
 

1. Apple's servers tell each client the other one's public key, so they know how to encrypt the message.

2. The message is encrypted using this key and sent via Apple's servers to the target device.

 

The issue is in the first step: Apple control the key distribution. It would be entirely possible for them to tweak the key servers so that for a particular list of users an insecure key is sent instead. This would then let them decrypt or do whatever they feel like to the message in transit. And it's not impossible to imagine that the NSA would request (or rather demand) wiretaps like this on "suspicious" individuals.

 

According to what Apple's said though, their system currently isn't set up in a way that would make this possible (presumably the infrastructure needed to decrypt / alter the target messages doesn't exist), so there isn't anything to worry about right now. 

 

It's still interesting to know about potential issues like this though, even if they're strictly theoretical and you couldn't really do anything about them anyway.

 

I don't know much about how the keys are generated - but in theory wouldn't it be simpler to just send an extra copy of each key to a datastore where it could later be retrieved - or only save the extra key AFTER getting a warrant to surveil an individual - and then perhaps only the key used when that person sends - and a separate warrant to decrypt anything sent from the person on the other end?

 

I do know that in tape encryption with a key manager the recommended best practice is to have redundant key managers - of course that is for cases where you are encrypting the data put onto a tape - and need to be able to decrypt that info at a (perhaps much) later date - while preventing anyone who might wander off with the data cartridge from being able to decrypt the info stored on it. A bit different perhaps than instant messaging - but certainly should indicate that if someone other than you is generating the key then you really have no way to guarantee or verify whether or not that key is stored and for what the retention policy is on that key. 

post #35 of 51
Quote:
Originally Posted by AppleTechSpot View Post

So let me get this straight. Apple is under attack because it could theoretically re-engineer its systems to read your iMessages when we know that Google is scanning your every email, instant message, contacts, browser history?!?! Apple needs to stop playing defense on this issue and go on the offensive and make people aware that Google is the real Big Brother of the internet.

Why don't we see articles like this directed at Google? Oh because everyone is afraid to challenge Google and risk watching their web traffic tank as Google retaliates. Google has way too much influence on the media and the market and something must be done about it.

Under attack? Exaggerate much?

The notion that Google isn't under constant criticism is absurd and patently dishonest.
Edited by stelligent - 10/18/13 at 9:55am
post #36 of 51
To Tim Cook and Apple...

1. Thank you for architecting a secure system that so far has not been broken by government agencies and security organizations. Many people are trying and will celebrate if it is ever broken.

2. Thank you for attempting to protect the privacy of your customers. There are not many companies actually adhering to the statement they do not want to know what their customers are texting.

3. More than ever many eyes in this world are focused on you to see you falter in your efforts. Every security technology you deploy in your iDevices will be scrutinized for flaws. If no flaws are found in the technology, it will be reported that you are the flaw.

4. Remain focused on surprising, delighting and strengthening customer loyalty with great products that are envied by your competitors.

Regards,

leavingthebigG
post #37 of 51

It has been said, you first have to assume any communication through any electronic method is open to be tapped and recorded for others to read. It is foolish to think otherwise. Yes, we like to believe Apple has no real evil intent and is not interested in anything you have to say, unlike Google. It does not mean that if the government wanted legal access to an individual's communications they would not be able to gain access. Apple said they do not store messages and they are encrypted so the average Joe could not capture and read the message. This is most likely a true statement.

However, there is nothing to say Apple could not be ordered to capture the encrypted data and store it and then hand it over to someone to decrypt the content later. There are computers and algorithms out there that can break most all encryption systems. The government will tell you if you're not doing anything you should not worry whether the government can gain access to your communications. Just remember it's not illegal to have access to your information, it's just illegal what they do with it, i.e. the government can listen and know you're doing all kinds of bad things but they cannot arrest you because they were listening.

Apple does not need to play man in the middle, they just need to collect the information if asked and the government can do the rest. Keep in mind Apple has released information in which they stated they have complied with government legal orders to provide specific user data, so Apple could be compelled to do the same for iMessages. The DEA is just complaining they cannot obtain this information through their normal listening methods.

post #38 of 51
Quote:
Originally Posted by leavingthebigG View Post

To Tim Cook and Apple...

1. Thank you for architecting a secure system that so far has not been broken by government agencies and security organizations. Many people are trying and will celebrate if it is ever broken.

2. Thank you for attempting to protect the privacy of your customers. There are not many companies actually adhering to the statement they do not want to know what their customers are texting.

3. More than ever many eyes in this world are focused on you to see you falter in your efforts. Every security technology you deploy in your iDevices will be scrutinized for flaws. If no flaws are found in the technology, it will be reported that you are the flaw.

4. Remain focused on surprising, delighting and strengthening customer loyalty with great products that are envied by your competitors.

Regards,

leavingthebigG

You forgot to add "xox" at the end. Geez, how old are u?
post #39 of 51

If you think that Google gets half the criticism and scrutiny that Apple does much less the level it deserves, I'd love to have the meds you are on. Until the tech blogosphere isn't beholden to Google's model of click advertising to make money, Google will continue to skate around these issues of privacy.

 

Google's access to people's data is several orders of magnitude higher than Apple's yet how many places do we see this iMessage story on the net today? Bloggers know where their money comes from and do very little to rock the boat. Until we have a model where people pay for content on the internet and aren't dependent on an advertising based model which is dominated by Google, Google will continue to control the conversation in the tech media. If you don't believe this isn't happening then you clearly aren't paying attention. Absurd you say? Obvious I say!!!

post #40 of 51
Quote:
I don't know much about how the keys are generated - but in theory wouldn't it be simpler to just send an extra copy of each key to a datastore where it could later be retrieved - or only save the extra key AFTER getting a warrant to surveil an individual - and then perhaps only the key used when that person sends - and a separate warrant to decrypt anything sent from the person on the other end?

I do know that in tape encryption with a key manager the recommended best practice is to have redundant key managers - of course that is for cases where you are encrypting the data put onto a tape - and need to be able to decrypt that info at a (perhaps much) later date - while preventing anyone who might wander off with the data cartridge from being able to decrypt the info stored on it. A bit different perhaps than instant messaging - but certainly should indicate that if someone other than you is generating the key then you really have no way to guarantee or verify whether or not that key is stored and for what the retention policy is on that key.

No. In public key cryptography, the public key is just what it says... Public! The security relies on protecting the private key which is generated on the device itself and stored in the protected key storage on the A* chip.

Apple runs a Certificate Authority that issues certificates to each of your devices, so it's Apple verifying you are who you claim to be and keeping a record, just like Verisign or any other CA does for SSL. That entire process is well known and Apple never sees the private key, same as Verisign doesn't have your website's private key and can't set up a website pretending to be you.

When the message goes out, it is encrypted with the public key of the *intended receiver* so you must have that receiver's private key to decrypt it... That's why the sending device sends multiple messages, one for every device the receiver owns, each encrypted with a separate public key. The message is further signed by your local private key, for which you need the sender's public key to verify it was not forged. That's why the receiving device asks Apple for your list of certificates.

The vulnerability here is the same one for SSL... If Apple lies and gives out fake certificates (public keys) when asked, then they can pretend to be the intended receiver. However, not even the awful Patriot Act allows such things, as it requires Apple (or a third party) to pretend to be the receiver. To my knowledge, no court has ever (or could ever) compel a third party like Apple or Verisign to issue a false certificate to law enforcement.

Apple's statement is that their Certificate Authority has no code to perform this man in the middle attack and they won't write any to do so, meaning a court order would have to go further and compel them to write new code and change their systems.

These guys did discover one bug: the local device doesn't require that the certificates are issued with a chain of trust ending at Apple's CA, they'll accept any trusted CA in the list, so if you can inject a certificate onto the device and you can hijack the local DNS server, then you can eavesdrop. The fix is fairly easy and quick.
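
An added example, not part of any post in this thread and not Apple's or Quarkslab's code: a small model of the two client-side checks that the key-distribution concern in post #31 and the certificate-chain bug in post #40 point to, namely pinning the chain to the service's own root and remembering each contact's key so a swapped key is noticed. Every name, address and key byte is constructed, and signature verification is assumed to have already passed.

```python
"""Model of two client-side checks for a server-distributed key directory.

Signature verification is out of scope: every Cert below is assumed to carry
a valid signature from its issuer. Only the trust decision made after that
is modelled. All names and key bytes are constructed for illustration.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str        # subject of the signing cert; equal to subject for a root
    public_key: bytes

    def fingerprint(self) -> str:
        blob = b"\x00".join((self.subject.encode(), self.issuer.encode(), self.public_key))
        return hashlib.sha256(blob).hexdigest()


def chain_root(leaf: Cert, known: Dict[str, Cert], max_depth: int = 8) -> Optional[Cert]:
    """Follow issuer links from leaf to a self-issued root; None if the chain breaks."""
    cert: Optional[Cert] = leaf
    for _ in range(max_depth):
        if cert.issuer == cert.subject:
            return cert
        cert = known.get(cert.issuer)
        if cert is None:
            return None
    return None  # too deep or a loop: treat as untrusted


def accept_any_trusted_root(leaf: Cert, known: Dict[str, Cert], trusted: Set[str]) -> bool:
    """Lax policy: any root in the device trust store will do."""
    root = chain_root(leaf, known)
    return root is not None and root.fingerprint() in trusted


def accept_pinned_root(leaf: Cert, known: Dict[str, Cert], trusted: Set[str],
                       pinned_fp: str) -> bool:
    """Strict policy: the chain must end at the one root the service itself uses."""
    root = chain_root(leaf, known)
    return (root is not None
            and root.fingerprint() in trusted
            and root.fingerprint() == pinned_fp)


class KeyContinuity:
    """Remember the first key seen per (contact, device) and flag later changes."""

    def __init__(self) -> None:
        self._seen: Dict[Tuple[str, str], str] = {}

    def check(self, contact: str, device_id: str, public_key: bytes) -> str:
        fp = hashlib.sha256(public_key).hexdigest()
        slot = (contact, device_id)
        previous = self._seen.get(slot)
        if previous is None:
            self._seen[slot] = fp
            return "first-seen"   # includes a newly listed device: worth showing the user
        # The stored value is kept on mismatch until the user verifies out of band.
        return "unchanged" if previous == fp else "changed"


def demo() -> dict:
    service_root = Cert("Service Root CA", "Service Root CA", b"constructed-root-key-A")
    added_root = Cert("Locally Added CA", "Locally Added CA", b"constructed-root-key-B")
    known = {c.subject: c for c in (service_root, added_root)}
    trusted = {service_root.fingerprint(), added_root.fingerprint()}
    pin = service_root.fingerprint()

    genuine = Cert("keys.service.example", "Service Root CA", b"constructed-leaf-key-1")
    lookalike = Cert("keys.service.example", "Locally Added CA", b"constructed-leaf-key-2")
    orphan = Cert("keys.service.example", "Unknown CA", b"constructed-leaf-key-3")
    leaves = (genuine, lookalike, orphan)

    log = KeyContinuity()
    return {
        "lax": [accept_any_trusted_root(c, known, trusted) for c in leaves],
        "pinned": [accept_pinned_root(c, known, trusted, pin) for c in leaves],
        "continuity": [
            log.check("bob@example.org", "phone", b"constructed-bob-key-1"),
            log.check("bob@example.org", "phone", b"constructed-bob-key-1"),
            log.check("bob@example.org", "phone", b"constructed-bob-key-2"),
            log.check("bob@example.org", "tablet", b"constructed-bob-key-3"),
        ],
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```
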