iMessage Contact Key Verification appears in first iOS 16.6 beta

Posted:
in iOS
One of the first found feature changes in iOS 16.6 and iPadOS 16.6 may be an iMessage verification system that could help prevent government agencies from eavesdropping on the conversations of critics.

An example of an alert from iMessage Contact Key Verification
An example of an alert from iMessage Contact Key Verification


In December 2022, Apple introduced a number of security protections to help protect the sensitive data of its users in iCloud and iMessage. Months later, in the first beta of iOS 16.6 and iPadOS 16.6, Apple seems to be preparing to take one of the features live.

Released on May 19, the first developer beta of the new cycle includes a setting in iMessage to enable iMessage Contact Key. While the setting exists in the beta, reports MacRumors, it doesn't appear that the setting has been enabled in iOS itself, making its appearance an indicator that it should arrive in the near future.

During its introduction, Apple said that iMessage Contact Key Verification would arrive sometime in 2023, but not when.

The feature works as an enhancement to existing end-to-end encryption in iMessage itself, and specifically targets users who face what Apple refers to as"extraordinary digital threats." This refers to journalists, human rights activists, and members of government who may face attempts to break Apple's security and to eavesdrop on messaging conversations.

The Contact Key Verification feature allows a user to verify they are messaging only with the intended recipient, without interference from outside forces. For added security, users can verify with each other by comparing a Contact Verification Code in person, over FaceTime, or via other secured communications.

Users who have enabled iMessage Contact Key Verification will be alerted automatically if a state-sponsored attacker were to somehow succeed in breaching cloud servers or to otherwise find a way to monitor encrypted communications.


Read on AppleInsider

Comments

  • Reply 1 of 14
    So iMessage is e2e encrypted, but if someone snoops on the cloud it’ll tell you!? Seems like there’s a little detail missing here somewhere…
    netroxAlex1N
  • Reply 2 of 14
    gatorguygatorguy Posts: 24,281member
    So iMessage is e2e encrypted, but if someone snoops on the cloud it’ll tell you!? Seems like there’s a little detail missing here somewhere…
    Undisclosed man-in-the-middle eavedropping. By being included as a "secret' participant in the conversation E2EE is bypassed. This was reported a couple of years ago and by all appearances actively exploited for some time. 

    Us commoners have nothing to worry about anyway, we aren't that valuable or interesting. 
    edited May 2023 appleinsideruserAlex1Nderekmorrjony0
  • Reply 3 of 14
    netroxnetrox Posts: 1,437member
    So iMessage is e2e encrypted, but if someone snoops on the cloud it’ll tell you!? Seems like there’s a little detail missing here somewhere…
    I am thinking the same. If both ends are encrypted, how can the "man in the middle" know what's being said? 


    appleinsideruserAlex1N
  • Reply 4 of 14
    netroxnetrox Posts: 1,437member
    gatorguy said:
    So iMessage is e2e encrypted, but if someone snoops on the cloud it’ll tell you!? Seems like there’s a little detail missing here somewhere…
    Undisclosed man-in-the-middle eavedropping. By being included as a "secret' participant in the conversation E2EE is bypassed. This was reported a couple of years ago and by all appearances actively exploited for some time. 

    Us commoners have nothing to worry about anyway, we aren't that valuable or interesting. 
    But even with that, how would the man in the middle know what's being relayed if data is encrypted from end to end? You cannot decrypt if you don't have the key. 
    appleinsideruserwilliamlondonAlex1N
  • Reply 5 of 14
    downwinddownwind Posts: 1member
    So iMessage is e2e encrypted, but if someone snoops on the cloud it’ll tell you!? Seems like there’s a little detail missing here somewhere…
    From the description, it does seems to be verifying the device you're connected from and not your user, probably using a unique secure enclave key on each device.

    That way, if someone manages to log in as you to iCloud by stealing credentials or somehow breaching iCloud, they can't just use any iPhone to log in and communicate as you without the other part knowing you're using a new device, the other party will know since they've never seen your device key before.

    appleinsideruserAlex1Njony0
  • Reply 6 of 14
    So, as there can be multiple device logged into the same iCloud (messages) account, this system somehow knows which ones are really me and warns me if there is another device active on the account?

    How does it know which ones are real and which ones are eavesdroppers? If it can tell, why not just prevent the eves-dropper from connecting in the first place?
    williamlondon
  • Reply 7 of 14
    So, as there can be multiple device logged into the same iCloud (messages) account, this system somehow knows which ones are really me and warns me if there is another device active on the account?

    How does it know which ones are real and which ones are eavesdroppers? If it can tell, why not just prevent the eves-dropper from connecting in the first place?
    The system itself can’t tell who is the real person you’re having a conversation with, all it is doing is notifying the other party of a new device in use for the conversation. This is why confirmation of the key is to be done by means external to iMessage; preferably in person or via FaceTime, where a visual identification can be made. 

    From my understanding, this isn’t addressing some unannounced hack or vulnerability but addressing a possible attack vector created by how iCloud works—

    iMessage allows its users to sync their conversations between devices logged in on the same iCloud account so that you can continue on your iPhone, iPad, or Mac regardless of where it was initiated. Previously when a new device was added, only the adding party was notified of the new device. With this new setting both parties will be notified. 

    So with this option enabled, should a third party manage to gain access to one of the other party’s iCloud account and thereby include the device in the conversation, not only will the breached user be notified of the new device, but as well the one being conversed with. 
    appleinsideruserAlex1Njony0
  • Reply 8 of 14
    Thanks. So the trade off is that who you’re conversing with, will find out if you add another device to the conversation. 

    But what about if that extra device was already there when the conversation started? I’m curious, where does one draw the line? How do you know (audit) if these other devices are legit or eves-droppers?
    williamlondon
  • Reply 9 of 14
    jimh2jimh2 Posts: 631member
    Thanks. So the trade off is that who you’re conversing with, will find out if you add another device to the conversation. 

    But what about if that extra device was already there when the conversation started? I’m curious, where does one draw the line? How do you know (audit) if these other devices are legit or eves-droppers?
    If you are in the category of people needing this then you do care. For the vast majority (99.99999999999999999%)messaging their mindless dribble, shopping list, pickup times, etc this is of no interest.
    appleinsideruserjony0
  • Reply 10 of 14
    jimh2 said:
    Thanks. So the trade off is that who you’re conversing with, will find out if you add another device to the conversation. 

    But what about if that extra device was already there when the conversation started? I’m curious, where does one draw the line? How do you know (audit) if these other devices are legit or eves-droppers?
    If you are in the category of people needing this then you do care. For the vast majority (99.99999999999999999%)messaging their mindless dribble, shopping list, pickup times, etc this is of no interest.
    Yeah, indeed. However, I’m still curious. How do you know (audit) which other devices are legit or eves-droppers? I get that using a second channel (FaceTime) can let you share a code. But what does that tell you, yes, there are other devices listening?

    But how does that help audit the (say 4) other devices on the account of the party you’re conversing with (about extra prunes and milk)?

    Maybe there’s a write up somewhere…
    williamlondon
  • Reply 11 of 14
    gatorguygatorguy Posts: 24,281member
    netrox said:
    So iMessage is e2e encrypted, but if someone snoops on the cloud it’ll tell you!? Seems like there’s a little detail missing here somewhere…
    I am thinking the same. If both ends are encrypted, how can the "man in the middle" know what's being said? 


    Because you are a ghost participant in the iMessage conversation, added/approved but undeclared to the others and supplied the encryption key because of it. Obviously it's true that it has happened since Apple is giving users a means of discovering them. 
    edited May 2023 Alex1N
  • Reply 12 of 14
    https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/
    This doesn’t satisfy my curiosity. Maybe when it goes live folk will explore more…
    Alex1N
  • Reply 13 of 14
    beowulfschmidtbeowulfschmidt Posts: 2,164member
    gatorguy said:

    Us commoners have nothing to worry about anyway, we aren't that valuable or interesting. 
    But those of us who have nothing to worry about should still be concerned about it.  Our lack of concern might change, or the eavesdropping parties might decide to expand what's of concern to them.  If we wait until it affects us individually, we run the risk of being too late to do any good.

    appleinsiderusermuthuk_vanalingam
  • Reply 14 of 14
    derekmorrderekmorr Posts: 237member
    This article from Dr. Matthew Green, a cryptographer at Johns Hopkins, has a good overview of the problem. He's the researcher that was able to break iMessage encryption back in 2016. See his discussion of "key substitution attacks."

    On the one hand, it addresses a long-standing design flaw in iMessage -- it was impossible to verify the identify of the other party. You just had to blindly trust the Apple provided the right encryption key to you, and you weren't subject to a man-in-the-middle attack. This is opposed to Signal and WhatsApp which support verification. Basically, these systems create a "fingerprint" of the encryption keys used in your conversation -- both parties can verify this fingerprint to ensure they both see the same keys.

    Historically, iMessage did not have this -- so you could not know if you were really talking directly to someone or if your conversation was being relayed through an eavesdropper, or if Apple had secretly added an eavesdropper to your conversation. Now, this will be possible.

    Edit: WhatsApp is actually innovating here. Most users do not manually verify safety numbers, so WhatsApp is rolling out an automatic key verification system which has a public log of all public keys in the system. See this announcement for a high-level overview. There is also an extended deep-dive discussion on the Security Cryptography Whatever podcast.
    edited May 2023 williamlondongatorguymuthuk_vanalingamappleinsideruser
Sign In or Register to comment.