[Cryptography] iMessage cryptography is broken

Tony Arcieri bascule at gmail.com
Mon Mar 21 00:44:58 EDT 2016 

...allows plaintext recovery attacks. Problem: lack of a MAC.

https://www.washingtonpost.com/world/national-security/johns-hopkins-researchers-discovered-encryption-flaw-in-apples-imessage/2016/03/20/a323f9a0-eca7-11e5-a6f3-21ccdbc5f74e_story.html
Johns Hopkins researchers poke a hole in Apple’s encryption

Apple’s growing arsenal of encryption techniques — shielding data on
devices as well as real-time video calls and instant messages — has spurred
the U.S. government to sound the alarm that such tools are putting the
communications of terrorists and criminals out of the reach of law
enforcement.

But a group of Johns Hopkins University researchers has found a bug in the
company’s vaunted encryption, one that would enable a skilled attacker to
decrypt photos and videos sent as secure instant messages.

This specific flaw in Apple’s iMessage platform likely would not have
helped the FBI pull data from an iPhone
<https://www.washingtonpost.com/world/national-security/us-wants-apple-to-help-unlock-iphone-used-by-san-bernardino-shooter/2016/02/16/69b903ee-d4d9-11e5-9823-02b905009f99_story.html>
recovered
in December’s San Bernardino, Calif., terrorist attack, but it shatters the
notion that strong commercial encryption has left no opening for law
enforcement and hackers, said Matthew D. Green, a computer science
professor at Johns Hopkins University who led the research team.

The discovery comes as the U.S. government and Apple are locked in a widely
watched legal battle in which the Justice Department is seeking to force
the company to write software to help FBI agents peer into the encrypted
contents of the iPhone used by Syed Rizwan Farouk, one of two attackers who
were killed by police after the shooting rampage that claimed 14 lives.

Cryptographers such as Green say that asking a court to compel a tech
company such as Apple to create software to undo a security feature makes
no sense — especially when there may already be bugs that can be exploited.
-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160320/eeeca770/attachment.html>

More information about the cryptography mailing list