Researchers Claim Apple Can Potentially Access Encrypted iMessages [Updated]

Following the revelation of government data gathering program PRISM in June, Apple released a statement on customer privacy that suggested the company was unable to access or decrypt iMessage and FaceTime conversations.

According to researchers who presented at the Hack the Box conference in Kuala Lumpur (via Macworld), it is actually possible for someone inside Apple to intercept messages because the company has access to public iMessage keys.

imessage_ipad_mac_iphone

The company's claim that iMessage is protected by unbreakable encryption is "just basically lies," said Cyril Cattiaux, who has developed iOS jailbreak software and works for Quarkslab, a penetration testing and reverse engineering company in Paris.

The researchers emphasized they have no indication that Apple or the government is reading iMessages, only that it would be possible to do so.

To encrypt iMessages, Apple utilizes public key cryptography, which means that every Apple device is assigned both a private key and a public key. When an iMessage is sent, it requests the public key of the recipient's device to encrypt the message, which is then decrypted by a private key upon receipt.

Because Apple manages public keys and does not divulge them to users, it is not possible to verify that a sent iMessage is going to the intended recipient. Apple could, for example, substitute or add a public key to intercept an outgoing message without the sender being aware of the change, as end users do not have access to public keys.

With a public server, such as MIT’s PGP Public Key Server, the sender can at least see more information, such as whether a key has changed. At that point, the sender can decide whether they want to trust it or not if they suspect a man in the middle attack. Apple’s key server is not public, the researchers say.

"The biggest problem here is you just cannot control that the public key you are using when you are ciphering the message is really the key of your recipient and not, for example, the public key of some guy in Apple," Cattiaux said.

According to the researchers, there would be no way for an end user to detect an intercepted or rerouted message from their iOS device, as it is impossible to see whether or not a key has been switched or where a message has been routed. The solution to the issue, to introduce true end-to-end encryption, would require Apple to store public keys on each iOS device to allow users to compare keys to verify that messages are going to the intended recipient.

Earlier this year, a Drug Enforcement Agency document noted that it was impossible for law enforcement agencies to eavesdrop directly on iMessage conversations due to Apple's encryption, but it appears that Apple itself could potentially intercept those messages using public keys.

Update: Apple spokeswoman Trudy Muller said in a statement to AllThingsD that "iMessage is not architected to allow Apple to read messages," adding that "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."

Top Rated Comments

Zwhaler Avatar
95 months ago
I've learned these days that anything and everything that has to do with information or data can be accessed by the authorities, illegal or not. We live in a surveillance state (in America). Notice how Yahoo and other service providers are pushing user "profiles" like Facebook, so they can make profiles on all of us. Next up is obviously fingerprint scanning. The conspiracy theorists weren't crazy after all.
Score: 31 Votes (Like | Disagree)
djtech42 Avatar
95 months ago
If Apple has access to them, the NSA has access to them.
Score: 22 Votes (Like | Disagree)
Mwongozi Avatar
95 months ago
I said this on Reddit but I'll say it again here:

If Apple wanted to, or intended to, read your iMessages, why wouldn't they design a protocol that specifically allows for this in the first place?

Finding flaws in a protocol which was obviously designed to be secure and then pointing the finger and saying "See? It's all on purpose" is just crazy.

But the masses will disregard the line right at the top of this article:

What we are not saying: Apple reads your iMessages.

I certainly trust iMessage way, way more than I trust, for example, Skype, or even plain old SMS.

A much bigger problem is that iCloud backups are not stored encrypted. If you backup your messages to iCloud, Apple has no need to go to the trouble of intercepting your messages in transit.
Score: 18 Votes (Like | Disagree)
impulse462 Avatar
95 months ago

Why should we believe a jailbreaker?


Because they probably know more about iOS security than you.
Score: 13 Votes (Like | Disagree)
shawnce Avatar
95 months ago
How iMessage may work
(at a high level, various optimizations exist to avoid overhead after initial key exchange, etc)...

Bob wants to send an message to Sue.

Bob generates a private key and stores securely on his device.
Bob derives a public key from his private key.
Bob gives his public key to Apple stating he wants to message Sue.

Apple informs Sue of an message request and is handed Bob's public key.

Sue generates a private key and stores it securely on her device.
Sue derives a public key from her private key.
Sue gives her public key to Apple.

Apple informs Bob of Sue's public key.

Bob encrypts his message to Sue using Sue's public key.
Bob gives his encrypted message to Apple asking for it to be delivered to Sue.

Apple informs Sue of Bob's message.

Sue decrypts the message from Bob using her private key.

Under this model only Bob and Sue have their private keys and hence only they can decrypt messages originating from their devices

...HOWEVER, since Apple is the mediator of the public keys between Bob and Sue Apple could give Bob a public key of their own claiming it was from Sue. This would then allow Apple to decrypt messages from Bob heading to Sue. Apple can do the same thing with Sue. Then Apple would be able to get messages from Bob, decrypt them, look at the message, then re-encrypt it before passing it along to Sue. The man in the middle model...

Bob wants to send an message to Sue.

Bob generates a private key and stores securely on his device.
Bob derives a public key from his private key.
Bob gives his public key to Apple stating he wants to message Sue.

Apple generates a private key and a FakeBob public key of their own.
Apple informs Sue of an message request and is handed FakeBob's public key.

Sue generates a private key and stores it securely on her device.
Sue derives a public key from her private key.
Sue gives her public key to Apple.

Apple generates a private key and a FakeSue public key of their own.
Apple informs Bob of FakeSue's public key.

Bob encrypts his message to Sue using FakeSue's public key.
Bob gives his encrypted message to Apple asking for it to be delivered to Sue.

Apple decrypts message, looks at it, and then re-encrypts message using Sue's public key.
Apple informs Sue of Bob's message.

Sue decrypts the message from Bob using her private key.

Personally I trust Apple to NOT do this and favor the simplicity of their method despite a man in the middle weakness internally in their system. They could prevent this but at the cost of trust being established between Bob and Sue in a more complex and cumbersome way... not ideal for typical users of iMessage.

...personally not sure how this is news or a surprise, with the intentional simplicity and ease of use of the iMessage solution you have to assume Apple will be a good actor on your behalf...
Score: 11 Votes (Like | Disagree)
djtech42 Avatar
95 months ago


So when iMessage texts go missing from time to time, or are delayed for no apparent reason, could this be a possible reason for it? (No, I don't think every time there's a missing or late message that this is the reason, but is it a possibility that when a message is delayed, it could be because it is being intercepted?)


Put the tin foil hat back down. :D
Score: 10 Votes (Like | Disagree)

Top Stories

iphone 5s black slate

Images of Unreleased iPhone 5s in Black and Slate Shared Online

Sunday January 17, 2021 9:47 am PST by
Twitter user @DongleBookPro has today shared images of a prototype iPhone 5s in an unreleased Black and Slate color. The iPhone 5s was launched in September 2013. The device featured Touch ID, a 64-bit processor, and a True Tone LED flash for the first time. Other new features included a five-element lens with an f/2.2 aperture, a 15 percent larger camera sensor, Burst Mode, and Slo-Mo...
iP12 charge airpods feature 2

Hidden iPhone 12 Hardware Feature Could Still be Unlocked

Thursday January 14, 2021 2:51 am PST by
All iPhone 12 and iPhone 12 Pro models purportedly have a hidden reverse wireless charging feature, according to an FCC filing. The feature has not yet been activated, but could yet be unlocked for an upcoming Apple accessory. The FCC filing suggests that iPhone 12 models contain the hardware for Wireless Power Transfer (WPT) to accessories: In addition to being able to be charged by a...
Top Stories 43 Feature

Top Stories: MacBook Pro, iMac, Mac Pro, and iPhone Rumors, Best of CES 2021

Saturday January 16, 2021 6:00 am PST by
This week was sure a busy one in the Apple world, with a flurry of announcements out of CES early in the week followed by a rash of Mac- and iPhone-related rumors later in the week. The new rumors this week included details on updated MacBook Pro, iMac, and Mac Pro models, as well as a few other tidbits, so make sure to read on below to get caught up! Kuo: New MacBook Pro Models to...
foldable iPhone concept feature

Apple Testing In-Display Fingerprint Sensor for iPhone 13, Foldable iPhone Also in the Works

Friday January 15, 2021 1:46 pm PST by
Apple has started "early work" on an iPhone that has a foldable display, according to a new report from Bloomberg's Mark Gurman. Though testing of a foldable iPhone has begun, Apple has not committed to releasing a device that has a foldable display. Development has not yet expanded beyond a display and Apple does not have full foldable iPhone prototypes in its labs. Like foldable...
16inchmacbookpromain

Kuo: New MacBook Pro Models to Feature Flat-Edged Design, MagSafe, No Touch Bar and More Ports

Thursday January 14, 2021 9:32 pm PST by
Apple is working on two new MacBook Pro models that will feature significant design changes, well-respected Apple analyst Ming-Chi Kuo said today in a note to investors that was obtained by MacRumors. According to Kuo, Apple is developing two models in 14 and 16-inch size options. The new MacBook Pro machines will feature a flat-edged design, which Kuo describes as "similar to the iPhone 12" ...
macbook pro flexgate

Apple Extends 13-Inch MacBook Pro Backlight Repair Program

Sunday January 17, 2021 10:31 am PST by
Apple this week extended its worldwide 13-inch MacBook Pro Display Backlight Service Program, authorizing coverage for eligible notebooks for up to five years after the original purchase date or up to three years after the start date of the program, whichever is longer. The previous cutoff was four years after the original purchase date. Apple launched the program on May 21, 2019 after...
iphone x camera close

iOS 14.4 Will Introduce Warning on iPhones With Non-Genuine Cameras

Thursday January 14, 2021 8:07 am PST by
In the second beta of iOS 14.4 seeded to developers and public testers this week, MacRumors contributor Steve Moser has discovered code indicating that Apple will be introducing a new warning on iPhones that have had their camera repaired or replaced with aftermarket components rather than genuine Apple components. "Unable to verify this iPhone has a genuine Apple camera," the message will...
Apple TV Ray Light 2 Triad

Apple Extends Free Apple TV+ Trials Until July

Friday January 15, 2021 10:50 am PST by
Apple is once again planning to extend its free Apple TV+ trial subscriptions, this time until July. When Apple TV+ launched in November 2019, Apple offered free Apple TV+ subscriptions to those who purchased a new Apple device in or after September 2019. Those free subscriptions were set to expire in November 2020, but in October 2020, Apple announced that it was extending free trials...
mac pro mini feature

Apple Working on Two New Mac Pro Desktops, One of Which Will Be Reminiscent of Power Mac G4 Cube

Friday January 15, 2021 10:23 am PST by
Apple is developing two versions of the Mac Pro to succeed the Mac Pro that was first released in December 2019, according to a new report from Bloomberg. The first updated Mac Pro is a direct successor to the current Mac Pro and it will use the same design. It may also be equipped with Intel processors rather than Apple silicon chips, and it could be one of the sole machines in the Mac...
macbook pro magsafe

MagSafe is Coming Back to the Mac: A Look Back at Apple's Original Magnetic Charging Technology

Friday January 15, 2021 12:16 pm PST by
Surprise late night rumors last night provided us with our first in-depth look at what we can expect from the new MacBook Pro models that are coming in 2021, and there are some significant changes in the works. Along with additional ports, a new flat-edged design, and the removal of the Touch Bar, Apple's updated MacBook Pro machines will readopt MagSafe. MagSafe in the 2021 MacBook Pro...