[Cryptography] Signal planning no support for plaintext SMS

Jerry Leichter leichter at lrw.com
Thu Nov 10 17:27:23 EST 2022

> Nothing of substance has changed since this was posted;
> https://blog.cryptographyengineering.com/2013/06/26/can-apple-read-your-imessages/ <https://blog.cryptographyengineering.com/2013/06/26/can-apple-read-your-imessages/> 
Actually, a great deal has changed.  The stuff that's encrypted, and even more the stuff that end-to-end encrypted, has changed significantly over the years.  In 2013, the only thing end-to-end encrypted was your keychain.  The list has now grown significantly.

> Quote: 
> "According to data forensics company ElcomSoft, iCloud backups are "inherently much less secure" than users would hope.
> "If you have iCloud backups enabled, the encryption key for iMessages will be stored in the backup," the company says in a blog.
> "If the "Messages in iCloud" option is enabled, the messages themselves are NOT included in iCloud backups," it continues. "The encryption key, however, will be included and accessible by Apple (like the rest of the iCloud backup) and so available to the law enforcement."
> Apple appears to confirm this in its support documentation about Apple Platform Security.
> "If the user has enabled iCloud Backup, the CloudKit Service Key used for the Messages in iCloud container is backed up to iCloud to allow the user to recover their messages even if they have lost access to iCloud Keychain and their trusted devices," it says." 
The situation here is exactly that described in a document we've been discussing, where it says you can recover your message when you've lost access to Keychain and trust devices *if you know the password of one of your trusted devices.*  No password, no access.

> https://appleinsider.com/articles/20/01/21/what-apple-surrenders-to-law-enforcement-when-issued-a-subpoena <https://appleinsider.com/articles/20/01/21/what-apple-surrenders-to-law-enforcement-when-issued-a-subpoena>You might want to read that article, not just the headline.  Under "What Apple can provide":  "Apple can give the authorities the details of your iCloud account and access to any of the data that's on there — but that data is likely to be encrypted. Apple publishes a list of what data gets stored on iCloud and which of it is encrypted. 

So much of what Apple has is encrypted. Your calendar and contact details are encrypted, for instance, as are your Safari bookmarks, your Notes, Photos, Reminders and so on. It's easier to say what isn't encrypted.  Out of everything from your health data to your photos and contacts, the only data not encrypted is Mail and text messages. That's not the same thing as iMessages: Apple does encrypt iMessages both as they are in transit - transmitted or received - and then when they are on Apple's servers....  Apple is physically able to give legitimate authorities your data on iCloud as it has the decryption key to much of it, but giving them iMessages means giving them the encrypted iMessages. It's not as if Apple can decrypt them for the government."

The article then goes on to say that Elcomsoft - in a 2018 blog at https://blog.elcomsoft.com/2018/06/icloud-and-imessage-security-concerns/ <https://blog.elcomsoft.com/2018/06/icloud-and-imessage-security-concerns/> - contradicted what Apple claims - and they also cite the same documentation we've been discussing.  Ultimately:

- Everyone agrees that the decryption key for messages is part of the backup.
- This *could* be secure if what's in the backup is the key, encrypted using a key encryption key derived from the password
- Apple doesn't *say* one way or another whether they do that, but it's *implied* in at least one document by saying that if you don't have access to any of your devices, you need the the password to access the stored messages.

But Elcomsoft's blog is actually quite thorough and indeed discusses the whole question of whether the uploaded key is encrypted, right at the end.  They say they don't know.  But ... their tool needs "[T]he Apple ID, the password, the second factor (the code from SMS or push notification) and the passcode of one of the trusted devices."
                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20221110/61fabaf6/attachment.htm>

More information about the cryptography mailing list