[Cryptography] Signal planning no support for plaintext SMS

Jerry Leichter leichter at lrw.com
Wed Nov 9 21:33:28 EST 2022 

>> Yes, it has the key - encrypted with a key derived from your password.
>> 
>> Note the following text a bit further down in the same document:
>> 
>> “iCloud Data Recovery Service
>> If you forget your password or device passcode, iCloud Data Recovery Service can
>> help you decrypt your data so you can regain access to your photos, notes,
>> documents, device backups, and more. *Data types that are protected by
>> end-to-end encryption—such as your Keychain, Messages, Screen Time, and Health
>> data—are not accessible via iCloud Data Recovery Service. Your device passcodes,
>> which only you know, are required to decrypt and access them.* Only you can
>> access this information, and only on devices where you’re signed in to iCloud.”
> 
> So you are saying it is self-contradictory? How can it “recover your messages if
> you lose access to your Keychain and your trusted devices” then.
If you read the whole document, you'll see that there are multiple kinds of authentication information that can be used to recover encrypted data, including Keychain, trusted devices, passwords/lock codes, recovery codes, etc.  They typically need to be combined to be effective - e.g., assuming your phone is your only trusted device you may have to know its unlock code for it to be useful to you.

There's no contradiction here.  It says you can recover if you've lost your Keychain and trusted devices *if you know your password*.

Apple's security model specifies what kind of authentication information can be used to access what kinds of data and take what kinds of actions (e.g., authorizing a payment).  There's a whole document on it somewhere, explaining, for example, what an unlocked Apple watch that hasn't lost contact with your wrist grants access to vs. what FaceID gives access to and so on.  It's actually quite sophisticated and carefully considered.  That's not to say it's necessarily correct for any particular purpose - it implements a model that likely accords well with most people's understanding and needs, but it's not for everyone in all situations.  (Here's an example:  You can set things up so that your Apple watch unlocks your Mac, which is great but sometimes you *don't* want it to unlock quite so easily.  Some actions - e.g., making contactless payments - require you to explicitly acknowledge, on the watch (by double-clicking), that you want it to do something.  But there's no setting that allows you to unlock with the watch only after an acknowledgement.  This is actually completely consistent with the model - but it's not the way *I* would like to use the feature.)
                                                        -- Jerry

More information about the cryptography mailing list