Apple reaffirms security, privacy of encrypted iMessagesApple on Friday issued a statement affirming the security of their iMessage instant messaging service, rebuking suggestions that the company could, if forced by court order, intercept the encrypted missives.
"iMessage is not architected to allow Apple to read messages," Apple spokewoman Trudy Muller said in a blunt statement to AllThingsD regarding recent suggestions that the iMessage protocol could be subject to a wiretap. "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so."
iMessage security has been a hot topic seemingly since the public release of the service alongside iOS 5 in 2011 when Apple's news release touted the feature as having "secure end-to-end encryption."
The United States Drug Enforcement Agency famously complained in April of this year that iMessage's secure design prohibited the agency from spying on suspects. The DEA circulated a memo to staff, warning that "iMessages between two Apple devices are considered encrypted communication and cannot be intercepted, regardless of the cell phone service provider."
Apple's messaging service utilizes public key cryptography to secure its communications. Broadly speaking, public key cryptography works by encoding data with one key such that it can only be decoded with a different, mathematically matched, key.
Both keys are generated at the same time and are considered to be a "key pair" — one key cannot be deduced from the other.
Apple's vehement response comes after suggestions from security firm QuarksLAB gained publicity this week. They suggested that Apple, which controls distribution of both keys via their central servers, can read users' iMessages by performing what is known as a "man-in-the-middle" attack, in which the central servers would transparently pass illegitimate key pairs between devices. The illegitimate key pairs would theoretically be generated by Apple, and thus allow the company to intercept iMessages.
On Topic: General
- AppleInsider podcast discusses Apple Music & the iPhone's 8th birthday, plus listener questions
- New video showcases Apple's participation in 2015 San Francisco Pride Parade
- Apple investigating ways to embed health sensors, fingerprint readers, chargers into iPhone logos
- Apple officially recognizes Jony Ive's promotion, adds VP of design bios to leadership webpage
- Apple Maps vehicles project expands to 13 new US states in July