Apple: No, We Can’t Read Your iMessages (And We Don’t Want to, Either)

Touting its commitment to user privacy in the wake of the NSA surveillance scandal earlier this year, Apple said that the end-to-end encryption protecting its iMessage instant-messenger service is so secure that even the company itself cannot decrypt it. But, on Thursday, security outfit QuarksLab disputed that claim, arguing that Apple could intercept iMessage communications if it wanted to.

“Apple can read your iMessages if they choose to, or if they are required to do so by a government order,” QuarksLab said in a white paper presented Thursday at the Hack in the Box conference.

Apple disagrees — vehemently. We’ll get to that in a minute.

QuarksLab research is far too labyrinthine to summarize here, but the gist of it is this: Because Apple controls the keys used to encrypt iMessages between the sender and the recipient, it could theoretically conduct a so-called “man-in-the-middle attack” on the two, making sender and recipient believe they are chatting directly and securely with one another when they aren’t — and reviewing their communications.

“As Apple claims, there is end-to-end encryption,” QuarksLab explains. “The weakness is in the key infrastructure as it is controlled by Apple: They can change a key anytime they want, thus read the content of our iMessages.” QuarksLab, it should be noted, has no evidence that Apple does or has done this. It’s presentation begins with this explicit statement: “What we are not saying: Apple reads your iMessages. What we are saying: Apple can read your iMessages if they choose to, or if they are required to do so by a government order.”

QuarksLab’s research has so far been well received by the security community, with cryptography experts saying that the concepts on which it is based are sound. Asked by AllThingsD if the firms’s claim is legitimate, renowned security technologist Bruce Schneier replied with a definitive yes. “The researchers show that iMessage could be undetectably designed to intercept and read messages, not that it is designed to do so,” Schneier said.

Independent security researcher Ashkan Soltani agreed.

“I think what their presentation demonstrates is that it’s very difficult, but not impossible, for an outside attacker to intercept messages if they’re able to control key aspects of the network,” Soltani told AllThingsD. “Probably not something that just any actor can do, but definitely something a state/government actor or Apple themselves could do, if motivated.”

But Apple insists it is not so motivated. And it stands by its June claims about iMessage’s security. Apple says that QuarksLab’s theory is just that — a theory, and one that would require a rearchitecting of iMessage for it ever to be a threat in the real world.

“iMessage is not architected to allow Apple to read messages,” said Apple spokeswoman Trudy Muller in a statement to AllThingsD. “The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.”

In other words, iMessage was built to thwart attacks, not abet them.

That is Apple’s publicly stated intent, anyway. As we’ve learned from the NSA surveillance scandal this year, there are some actors out there who might prefer iMessage to work just the way QuarksLab describes. So perhaps in today’s world iMessage’s encryption is only as good as your trust in Apple.

Said Soltani, “We’ve recently seen indication of companies like Skype or Lavabit being forced to enable interception capabilities in their system, so it would be naive to think that Apple wasn’t at least approached by the government at some point.”