pod2g: Apple can potentially access encrypted iMessages

messages-ios7

In wake of NSA’s data-snooping Prism revelations, Apple said that iMessages are protected by end-to-end encryption, and even if they wanted to, they can’t decrypt them. But this claim has been challenged by Cyril Cattiaux aka pod2G, who is a member of the evad3rs team that is currently working on an iOS 7 jailbreak. He says that someone inside Apple can intercept iMessages since the company controls the public key distribution that powers the end-to-end encryption.

When you send an iMessage to someone, you grab their public key from Apple, and encrypt your message using the public key, which then gets sent over the network to recipients. The recipients have their own private key (corresponding to their public keys) that they use to decrypt this message. A third-party won’t be able to see the actual message unless they have access to the private key.

According to pod2G Apple’s claims are “just basically lies.” He says that since Apple controls the public key directory that gives you the public key for every user, it could perform a man-in-the-middle (MITM) attack to intercept your messages if asked to by a government agency.

An MITM attack is, when you ask for Bob’s public key, a third-party gives you its own public key instead, with which you encrypt your message. Assuming the third-party has access to the channel through which messages go through, it can decrypt the message you sent. To not raise suspicion, the third-party could then forward the same message to Bob encrypted using his actual public key.

From Macworld:

“The biggest problem here is you just cannot control that the public key you are using when you are [encrypting] the message is really the key of your recipient and not, for example, the public key of some guy in Apple,” Cattiaux said.

“In Apple’s case, it’s that they give the key and nobody can really know if it’s a substitute or anything like that. In fact, it’s a matter of trust. It’s a real problem for users.”

Now of course Apple isn’t likely to be doing any of this, but the claims made by the company of not being able to decrypt iMessages is certainly questionable, especially since there’s no way to detect if iMessages are being intercepted.

The solution would be to let iOS devices store a copy of the recipients’ public keys, so that each time a message is sent to that person, iOS can compare what’s stored locally and on the server, and not send a message in case keys are different.

That said, iMessage encryption seems to be virtually uncrackable for a third-party without Apple’s assistance, as pointed out by a DEA memo that said “intercepting messages between two Apple devices is next to impossible.”