Researchers Claim Apple Can Potentially Access Encrypted iMessages [Updated]

Following the revelation of government data gathering program PRISM in June, Apple released a statement on customer privacy that suggested the company was unable to access or decrypt iMessage and FaceTime conversations.

According to researchers who presented at the Hack the Box conference in Kuala Lumpur (via Macworld), it is actually possible for someone inside Apple to intercept messages because the company has access to public iMessage keys.

imessage_ipad_mac_iphone

The company's claim that iMessage is protected by unbreakable encryption is "just basically lies," said Cyril Cattiaux, who has developed iOS jailbreak software and works for Quarkslab, a penetration testing and reverse engineering company in Paris.

The researchers emphasized they have no indication that Apple or the government is reading iMessages, only that it would be possible to do so.

To encrypt iMessages, Apple utilizes public key cryptography, which means that every Apple device is assigned both a private key and a public key. When an iMessage is sent, it requests the public key of the recipient's device to encrypt the message, which is then decrypted by a private key upon receipt.

Because Apple manages public keys and does not divulge them to users, it is not possible to verify that a sent iMessage is going to the intended recipient. Apple could, for example, substitute or add a public key to intercept an outgoing message without the sender being aware of the change, as end users do not have access to public keys.

With a public server, such as MIT’s PGP Public Key Server, the sender can at least see more information, such as whether a key has changed. At that point, the sender can decide whether they want to trust it or not if they suspect a man in the middle attack. Apple’s key server is not public, the researchers say.

"The biggest problem here is you just cannot control that the public key you are using when you are ciphering the message is really the key of your recipient and not, for example, the public key of some guy in Apple," Cattiaux said.

According to the researchers, there would be no way for an end user to detect an intercepted or rerouted message from their iOS device, as it is impossible to see whether or not a key has been switched or where a message has been routed. The solution to the issue, to introduce true end-to-end encryption, would require Apple to store public keys on each iOS device to allow users to compare keys to verify that messages are going to the intended recipient.

Earlier this year, a Drug Enforcement Agency document noted that it was impossible for law enforcement agencies to eavesdrop directly on iMessage conversations due to Apple's encryption, but it appears that Apple itself could potentially intercept those messages using public keys.

Update: Apple spokeswoman Trudy Muller said in a statement to AllThingsD that "iMessage is not architected to allow Apple to read messages," adding that "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."

Top Rated Comments

Zwhaler Avatar
117 months ago
I've learned these days that anything and everything that has to do with information or data can be accessed by the authorities, illegal or not. We live in a surveillance state (in America). Notice how Yahoo and other service providers are pushing user "profiles" like Facebook, so they can make profiles on all of us. Next up is obviously fingerprint scanning. The conspiracy theorists weren't crazy after all.
Score: 31 Votes (Like | Disagree)
djtech42 Avatar
117 months ago
If Apple has access to them, the NSA has access to them.
Score: 22 Votes (Like | Disagree)
Mwongozi Avatar
117 months ago
I said this on Reddit but I'll say it again here:

If Apple wanted to, or intended to, read your iMessages, why wouldn't they design a protocol that specifically allows for this in the first place?

Finding flaws in a protocol which was obviously designed to be secure and then pointing the finger and saying "See? It's all on purpose" is just crazy.

But the masses will disregard the line right at the top of this article:
What we are not saying: Apple reads your iMessages.
I certainly trust iMessage way, way more than I trust, for example, Skype, or even plain old SMS.

A much bigger problem is that iCloud backups are not stored encrypted. If you backup your messages to iCloud, Apple has no need to go to the trouble of intercepting your messages in transit.
Score: 18 Votes (Like | Disagree)
impulse462 Avatar
117 months ago
Why should we believe a jailbreaker?

Because they probably know more about iOS security than you.
Score: 13 Votes (Like | Disagree)
shawnce Avatar
117 months ago
How iMessage may work
(at a high level, various optimizations exist to avoid overhead after initial key exchange, etc)...

Bob wants to send an message to Sue.

Bob generates a private key and stores securely on his device.
Bob derives a public key from his private key.
Bob gives his public key to Apple stating he wants to message Sue.

Apple informs Sue of an message request and is handed Bob's public key.

Sue generates a private key and stores it securely on her device.
Sue derives a public key from her private key.
Sue gives her public key to Apple.

Apple informs Bob of Sue's public key.

Bob encrypts his message to Sue using Sue's public key.
Bob gives his encrypted message to Apple asking for it to be delivered to Sue.

Apple informs Sue of Bob's message.

Sue decrypts the message from Bob using her private key.

Under this model only Bob and Sue have their private keys and hence only they can decrypt messages originating from their devices

...HOWEVER, since Apple is the mediator of the public keys between Bob and Sue Apple could give Bob a public key of their own claiming it was from Sue. This would then allow Apple to decrypt messages from Bob heading to Sue. Apple can do the same thing with Sue. Then Apple would be able to get messages from Bob, decrypt them, look at the message, then re-encrypt it before passing it along to Sue. The man in the middle model...

Bob wants to send an message to Sue.

Bob generates a private key and stores securely on his device.
Bob derives a public key from his private key.
Bob gives his public key to Apple stating he wants to message Sue.

Apple generates a private key and a FakeBob public key of their own.
Apple informs Sue of an message request and is handed FakeBob's public key.

Sue generates a private key and stores it securely on her device.
Sue derives a public key from her private key.
Sue gives her public key to Apple.

Apple generates a private key and a FakeSue public key of their own.
Apple informs Bob of FakeSue's public key.

Bob encrypts his message to Sue using FakeSue's public key.
Bob gives his encrypted message to Apple asking for it to be delivered to Sue.

Apple decrypts message, looks at it, and then re-encrypts message using Sue's public key.
Apple informs Sue of Bob's message.

Sue decrypts the message from Bob using her private key.

Personally I trust Apple to NOT do this and favor the simplicity of their method despite a man in the middle weakness internally in their system. They could prevent this but at the cost of trust being established between Bob and Sue in a more complex and cumbersome way... not ideal for typical users of iMessage.

...personally not sure how this is news or a surprise, with the intentional simplicity and ease of use of the iMessage solution you have to assume Apple will be a good actor on your behalf...
Score: 11 Votes (Like | Disagree)
djtech42 Avatar
117 months ago

So when iMessage texts go missing from time to time, or are delayed for no apparent reason, could this be a possible reason for it? (No, I don't think every time there's a missing or late message that this is the reason, but is it a possibility that when a message is delayed, it could be because it is being intercepted?)

Put the tin foil hat back down. :D
Score: 10 Votes (Like | Disagree)

Popular Stories

apple watch ultra deuglify 1

Apple Watch Ultra User Mods Titanium Casing to 'Deuglify' Design

Tuesday September 27, 2022 8:05 am PDT by
An Apple Watch Ultra user has modified their new device's casing to add a brushed finish and remove the orange color of the Action Button in an effort to make it more visually appealing. The Apple Watch Ultra offers the first complete redesign of the Apple Watch since the product line's announcement in 2014, and while the design has been met with praise from many users, some have criticized...
Dark Sky App Featured

Dark Sky Removed From iOS App Store Ahead of Upcoming Shutdown

Wednesday September 28, 2022 4:27 pm PDT by
The Dark Sky weather app that's owned by Apple is no longer available for download in the U.S. App Store, suggesting that it has been removed ahead of schedule. Apple acquired Dark Sky back in March 2020 and has since incorporated elements of the app into the Weather app available on the iPhone (and soon, the iPad). Dark Sky remained available for purchase as a standalone weather app...
iphone 14 pro max vs 13 max 2

Camera Comparison: iPhone 14 Pro Max vs. iPhone 13 Pro Max

Thursday September 29, 2022 7:44 am PDT by
The iPhone 14 Pro and Pro Max introduce some major improvements in camera technology, adding a 48-megapixel lens and low-light improvements across all lenses with the new Photonic Engine. We've spent the last week working on an in-depth comparison that pits the new iPhone 14 Pro Max against the prior-generation iPhone 13 Pro Max to see just how much better the iPhone 14 Pro Max can be. Subscrib ...
apple watch ultra hammer test

YouTuber Tests Apple Watch Ultra Durability With a Hammer: Table Breaks Before the Watch

Sunday September 25, 2022 2:27 pm PDT by
A YouTuber has put Apple's claims for the durability of the Apple Watch Ultra to the test by putting it up against a drop test, a jar of nails, and repeated hits with a hammer to test the sapphire crystal protecting the display. TechRax, a channel popular for testing the durability of products, first tested the Apple Watch Ultra by dropping it from around four feet high. The Apple Watch...
tony blevins car

Apple Procurement VP Departs Company After Vulgar TikTok Comment

Thursday September 29, 2022 12:38 pm PDT by
Tony Blevins, Apple's vice president of procurement, is set to depart the company after he made a crude comment about his profession in a recent TikTok video, reports Bloomberg. Blevins was in a video by TikTok creator Daniel Mac, who was doing a series on the jobs of people he spotted with expensive cars. After seeing Blevins in an expensive Mercedes-Benz SLR McLaren, Mac asked Blevins what ...
iPhone 14 Pros in Hand Black Background Feature

Verizon iPhone 14 Pro Customers Reporting Cellular Connection Issues

Monday September 26, 2022 6:23 am PDT by
iPhone 14 Pro customers on the Verizon network in the U.S. are reporting issues with slow and unreliable 5G cellular connections and calls randomly dropping. Several threads on Reddit (1,2,3) and the MacRumors forums chronicle issues faced by Verizon customers and Apple's latest iPhone. According to user reports, signal strength on the iPhone 14 Pro is unreliable and weak, while other...
iPhone 15 to Switch From Lightning to USB C in 2023 feature sans arrow

Kuo: iPhone 14 Pro Max Popularity Could Lead to More Differentiation Between iPhone 15 Pro and iPhone 15 Pro Max

Wednesday September 28, 2022 10:22 am PDT by
Apple has seen high demand for the 6.7-inch iPhone 14 Pro Max, which could lead the company to further differentiate the next-generation iPhone 15 Pro and Pro Max, according to Apple analyst Ming-Chi Kuo. Apple could add exclusive features to the iPhone 15 Pro Max in an effort to encourage more people to purchase the larger and more expensive device. Kuo last week said that Apple asked...
iPhone 14 Pro Sports Scores Dynamic Island

iPhone 14 Pro Features Live Sports Scores in Dynamic Island on iOS 16.1

Monday September 26, 2022 7:52 am PDT by
Earlier this month, Apple announced that iOS 16.1 will enable a new Live Activities feature that allows iPhone users to stay on top of things that are happening in real time, such as a sports game or a food delivery order, right from the Lock Screen. On the iPhone 14 Pro and Pro Max, Live Activities also integrate with the Dynamic Island. Premier League match in Dynamic Island via Paul Bradford ...
iOS 16

Everything New in the Latest iOS 16.1 and iPadOS 16.1 Betas: Stage Manager Expansion, Wallpaper Tweaks and More

Tuesday September 27, 2022 11:36 am PDT by
Apple today released new betas of iOS 16.1 and iPadOS 16.1 to developers, tweaking some of the functionality that's been introduced in prior betas and in the case of iPadOS 16.1, adding a major new feature to Stage Manager. We've rounded up everything new in both betas below. Wallpaper Updates Apple has updated the Wallpaper section of the Settings app to allow users to swap between...
General iOS 16 Feature Yellow

Some iOS 16 Users Continue to Face Unaddressed Bugs and Battery Drain Two Weeks After Launch

Monday September 26, 2022 7:34 am PDT by
Today marks exactly two weeks since Apple released iOS 16 to the public. Besides the personalized Lock Screen, major changes in Messages, and new features in Maps, the update has also seen its fair share of bugs, performance problems, battery drain, and more. After major iOS updates, it's normal for some users to report having issues with the new update, but such reports usually subside in...