Pod2g: iMessage’s Unbreakable Encryption is “Just Basically Lies” [u]
Remember when Apple said that texts sent via iMessage are protected by end-to-end encryption making it impossible for Apple or anyone else to read the messages? Well, that’s “just basically lies”, said Pod2g (or Cyril Cattiaux) during a Hack in the Box presentation in Kuala Lumpur yesterday (via PCWorld).
Pod2g, who works for Quarkslab and is renowned in the jailbreak community (see Evasi0n), had already hinted earlier this year that iMessage was not as secure as some of us may have thought. And the time has come to make his team’s findings public.
Their major concern is Apple’s system of managing public keys, which from their perspective is opaque, as it makes it impossible to know if iMessages are being sent to a third party such as the NSA.
Apple uses public key cryptography to encrypt texts between the sender and the recipient. It works like this: when you send an iMessage, your iOS device pulls the recipient’s public key from Apple’s non-public key server and uses it to encrypt the message. The recipient then decrypts the message with their own private key.
As Pod2g points out, the issue is that “Apple has full control over this public key directory”. Since Apple has control over the directory, the only reason you believe that no one else has read your message is that you trust Apple. But you don’t know if the public key really belongs to the recipient or not.
“The biggest problem here is you just cannot control that the public key you are using when you are ciphering the message is really the key of your recipient and not, for example, the public key of some guy in Apple,” Cattiaux said.
Cattiaux’s fellow researcher, who goes by the name GG, added that: “In Apple’s case, it’s that they give the key and nobody can really know if it’s a substitute or anything like that. In fact, it’s a matter of trust. It’s a real problem for users.”
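The trust gap described above, as an added example that is neither Apple’s protocol nor Quarkslab’s code: a toy ElGamal key directory in Python. A sender that encrypts to whatever key the directory returns can be read by whoever holds the substituted key, while a sender that pins the recipient’s fingerprint (compared out of band) refuses to send when the served key changes. The parameters, names and message are constructed for the demo.

```python
import hashlib
import secrets

# Constructed demo parameters (hypothetical, far too small for real use):
# Mersenne prime modulus and generator for textbook ElGamal.
P, G = 2**127 - 1, 3

def keygen():                       # (private, public) with public = G^private mod P
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def fingerprint(pub):               # the value two users would compare out of band
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]

def encrypt(pub, msg):
    k = secrets.randbelow(P - 2) + 1
    return pow(G, k, P), int.from_bytes(msg, "big") * pow(pub, k, P) % P

def decrypt(priv, ct):
    c1, c2 = ct
    m = c2 * pow(pow(c1, priv, P), -1, P) % P
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

class Directory:
    """Key server the sender cannot audit; `substitute` models a swapped-in key."""
    def __init__(self, keys, substitute=None):
        self.keys, self.substitute = dict(keys), substitute

    def lookup(self, name):
        return self.keys[name] if self.substitute is None else self.substitute

def send_naive(directory, to, msg):
    """Encrypts to whatever key the directory serves, as the article says iMessage does."""
    return encrypt(directory.lookup(to), msg)

def send_pinned(directory, pins, to, msg):
    """Returns None instead of a ciphertext when the served key does not match the pin."""
    pub = directory.lookup(to)
    return encrypt(pub, msg) if fingerprint(pub) == pins[to] else None

def demo(msg=b"hi bob"):
    bob_priv, bob_pub = keygen()
    insider_priv, insider_pub = keygen()   # key of "some guy" at the directory
    honest = Directory({"bob": bob_pub})
    rogue = Directory({"bob": bob_pub}, substitute=insider_pub)
    pins = {"bob": fingerprint(bob_pub)}   # fingerprint verified out of band
    read_by_insider = decrypt(insider_priv, send_naive(rogue, "bob", msg))
    blocked = send_pinned(rogue, pins, "bob", msg) is None
    delivered = decrypt(bob_priv, send_pinned(honest, pins, "bob", msg))
    return read_by_insider, blocked, delivered
```

The pinned path is the same idea as the safety numbers or fingerprints that other messengers expose to users; a directory that cannot be audited gives the sender nothing comparable to check.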
When asked for a comment, Apple pointed to its June statement and said that it first heard about PRISM only when news organizations asked about it. Now, a document revealed by Edward Snowden indicates that Apple became part of PRISM in October 2012. So in the end: it is all about trust.
Update: QuarksLab posted a video proof of their findings. You can watch it below.
Do you have any concerns with security and iMessage?