[Cryptography] Signal planning no support for plaintext SMS

Jerry Leichter leichter at lrw.com
Thu Nov 10 21:47:51 EST 2022

>> Nothing of substance has changed since this was posted;
>> https://blog.cryptographyengineering.com/2013/06/26/can-apple-read-your-imessages/ <https://blog.cryptographyengineering.com/2013/06/26/can-apple-read-your-imessages/> 
> Actually, a great deal has changed.  The stuff that's encrypted, and even more the stuff that end-to-end encrypted, has changed significantly over the years.  In 2013, the only thing end-to-end encrypted was your keychain.  The list has now grown significantly.
> While it does seem like the updated docs imply the key for iMessage backups is now protected by the account password, that doesn't explain this;
> https://www.apple.com/privacy/government-information-requests/ <https://www.apple.com/privacy/government-information-requests/>
> https://www.apple.com/privacy/docs/legal-process-guidelines-us.pdf <https://www.apple.com/privacy/docs/legal-process-guidelines-us.pdf>
> "Cloud stores content for the services that the customer has elected to maintain in the account while the customer’s account remains active. Apple does not retain deleted content once it is cleared from Apple’s servers. iCloud content may include email, stored photos, documents, contacts, calendars, bookmarks, Safari Browsing History, Maps Search History, Messages and iOS device backups. iOS device backups may include photos and videos in the Camera Roll, device settings, app data, iMessage, Business Chat, SMS, and MMS messages and voicemail. All iCloud content data stored by Apple is encrypted at the location of the server. Apple retains the encryption keys in its U.S. data centers. iCloud content, as it exists in the customer’s account, may be provided in response to a search warrant issued upon a showing of probable cause, or customer consent."
The way I read this is:  "All the data uploaded to iCloud is encrypted at the server, using a key available in US Apple data centers.  If the government asks for that data, it will be provided, with the server encryption removed, thus providing what the user uploaded.  We make no representation that the data uploaded was not encrypted at the user's device before it was sent to iCloud."  And, indeed, somewhere in all the verbiage we've been looking at - probably not an Apple doc - it says that Apple can deliver your messages - but your *encrypted* messages.

The evidence for my reading is in the sentence "All iCloud content data stored by Apple is encrypted at the location of the server."  Encryption at the server means encryption of data at rest within iCloud.  Apple does describe some material as being "end-to-end encrypted," and they do use phrases like "even Apple can't read this information."  That kind of encryption cannot possibly be the one referred to as "encrypted at the location of the server."

The problem with all this material is that it's nowhere near being *technical* documentation.  It's aimed at end users, but it's highly lawyered to make sure that Apple can't be sued over representing something that they don't actually deliver.  So their promises about what they deliver are somewhat vague and subject to multiple interpretations.  So, sure, maybe they're doing something different.
                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20221110/0c214748/attachment.htm>

More information about the cryptography mailing list