Feeds

back to article Leaked memo: Apple's iMessage crypto has DEA outfoxed

An investigation by the Drug Enforcement Administration (DEA) in February was temporarily thwarted when the surveillance targets began using Apple's encrypted iMessage system, according to a document leaked to Cnet. The intelligence note entitled "Apple's iMessages: A Challenge For DEA Intercept," reported on an investigation by …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge
Joke

"Those companies may now have to provide a backdoor if legislation does go ahead, and that's going to make their products a lot less appealing if the US government has full access."

Oh, if only there were other countries in the world that someone could live in and write computer programs that would not be subject to this law.

Joke icon because obviously that wouldn't stop the US.

10
1
Bronze badge

Because, there are no hooks in any software on the entire planet that would permit an API to encrypt, via *real* encryption, any private message.

Right?

To be blunt, the DEA can't crack anything more serious than a Caesar cypher. The NSA rules that roost.

From one who read transcripts of his private morale conversations to his wife and children, whilst deployed, I'll suggest that there are ways in which one can communicate in a secure manner and that the US does still possess an operational fourth amendment. It just needs to get some dust knocked off of it.

Not that a single constitutional right is worth the ink staining that parchment, as all have been relegated upon "national security" need du jour.

4
0
Holmes

Indeed, it would seem that "national security" is the horse and coaches that the government use to go thru the constitution, and no one bats an eyelid so meh. Go back and enjoy your programming for retards, oh sorry I mean America's got talent (sic).

0
1
Silver badge
Meh

I've said it before and I will say it again, US lawmakers are extremely creative in what they decide is criminal activity and even when the activity takes place outside of their jurisdiction. They just change the rules as and where necessary.

0
0
Bronze badge
Trollface

Init Americas Got Talent

Just a copy of Britains Got Talent? We're just playing catchup with the rest of the world 'tards.

0
0
Anonymous Coward

Sweden can probably read inter App traffic

As when SE updated their 'top secret' Titan database recently it was specifically to catch non-email non-VoIP traffic of five year olds chatting in the Penguins games, or übercrims , or whathaveyou? The Swedish TV programme that mentioned this upgrade also alleged that Titan shares an entire copy of the Swedish Internet traffic with partners (presumably NSA), same as other Baltic Sea fringing nations, obviously gotta catch the NORK packets?!!!?

4
0
Bronze badge
Happy

Just check on the device

The history is probably logged/stored in plaintext somewhere

2
1
Bronze badge

Secure

A friend sent my son a password by photographing his notebook where it was handwritten He did it because he was too lazy to type it but it strikes me as a particularly good defence against automated snooping.

4
0
Bronze badge

Re: Secure

ROFLMAO!

Sorry, I write in script that makes a US physician's writing look clear.

I know as a fact that my handwriting, such as it is, was read easily by computer. Granted, a government computer designed to do so, but consider one thing: I have nerve damage to my writing hand.

After that, I went with 2k keys, generated off of multiple machine seeds, then regenerated on other machines.

0
0

This post has been deleted by its author

Bronze badge
Joke

Re: richard.cartledge@snc.ac.uk

Yes, but Navaho wind-talkers are very expensive to keep.

5
1
Bronze badge
Meh

Re: richard.cartledge@snc.ac.uk

Especially considering that Navajo is a non-written language.

0
1
Bronze badge

Re: richard.cartledge@snc.ac.uk

Yeah, and they eat like hors... ponies.

(good one theodore)

0
1
Bronze badge

Tempus fugit

Someone Else, Navajo was an unwritten language; there is now a standard orthography for it.

1
0
Bronze badge

Re: richard.cartledge@snc.ac.uk

Blather.

Non-standard language is an idiot's theory. An ill documented language is one thing, non-standard is idiocy.

OTP is proved true.

1
0
Pint

Re: richard.cartledge@snc.ac.uk

RC: The easiest thing to do would be to communicate in a non-standard language.

Maybe the old 'Linear B' ? LOL.

0
1
Anonymous Coward

Re: richard.cartledge@snc.ac.uk

Like Welsh, as I believe was done during the last world war.

0
0
Pint

Re: richard.cartledge@snc.ac.uk

I just use my own handwriting. It's a form of encryption all by itself, unreadable by anyone but me. And even then, after apply my strongest cypher (ie 6 pints), even I struggle to read it the next day.

Beer! Friday!

2
1
Anonymous Coward

Re: richard.cartledge@snc.ac.uk

Actually, all you need to do is speak proper English, it'll confuse the hell out of the US snoopers.

0
0
Silver badge
Happy

Re: Tempus fugit

Just use Russian. Use properly that is (as native, not as a foreigner).

It can have 3-4 or more meanings between the lines which will require someone who actually knows language, culture and context (not someone who has passed the MI5 analist test) to decipher.

Change the position of two words and the whole sentence completley changes its meaning as well as its level 2,3,4 meanings, etc.

While this was a natural property of the language in the first place, 80 years of having to talke double, tripple and quadrupple speak to avoid статья 58 and ГУЛАГ improved it quite considerably. It is now at the point where if two russians want to speak between themselves without anyone "non-native" understanding them they can do it any time any day today. As a side effect makes for great stand-up comedy too :)

0
0
Bronze badge

The saying should be...

If you have no reason to investigate me, then go away. (I hide everything!).

The saying "You have done no wrong, so you should have nothing to hide" is the reason we here in the USA have the 4th amendment.

So, we go back to:

I've got the yo-yo...

I've got the string!

3
1
Bronze badge

Re: The saying should be...

You forget McCarthy, who turned the fourth and fifth amendment 180 degrees around, then the House UnAmerican Activities committee living up to its name.

In that view, hide something, you have something to hide. Plead self-incrimination, be incriminated. A very example of what Orwell warned about.

Considering the far right's leaning, I honestly expect that if they win house, senate and presidency, the UK will be Airstrip One in the following month. :(

1
2
FAIL

Re: The saying should be...

You had me until you talked about the far right. Both political leanings are equally corrupt. President Obama did not end the overreaching powers President Bush started. This is not an exclusive "far-right" or "far-left" action.

6
0
Gimp

At a guess

I'd assume 3DES, using the iPhone UUIDs in an ABA arrangement. 3DES is used for RFID and would be a sensible base for any firm planning on NFC.

Would be quite easy to find out with a virgin iPhone and some packet inspection. I doubt the NSA, or GCHQ for that matter,would take long to work this out, just proves that the DEA are morons.

0
1
Bronze badge

Re: At a guess

DES was broken when my children were in diapers.

Small hint, I'm a grandfather now. Twice.

And a fair distance from pension, such as it is.

2
1

Re: At a guess

Whether it has been broken or not bears no mark on whether the DEA can break it.

As stated 3DES is used for NFC, notably the DESFire standard that replaces Mifare. Apple are most likely to implement a standard that has actual use.

The one thing that would interest me is whether they have a compression algorithm tied in with the encryption (pre or post) to lower their network traffic.

1
0
Anonymous Coward

Re: At a guess

"DES was broken when my children were in diapers."

Not really relevant since 3DES is much more secure. Triple-DES with 3 different keys is more secure than 128-bit AES which the US Gov happily use for below Top Secret.

1
0
Anonymous Coward

Re: At a guess

The one thing that would interest me is whether they have a compression algorithm tied in with the encryption (pre or post) to lower their network traffic.

Compressing post-encryption wouldn't really help much since you are removing all trace of compressible structure from the document. Compressing pre-encryption is very common since it not only reduces message size, but reduces the use of known cipher-text attacks. Except of course if you have standard headers in your compression algo that end up in every message!

1
0
Anonymous Coward

LOL

Lbh'yy arire gnxr zr nyvir, Pbccre!

1
0
Happy

Re: LOL

Obbx uvz, Qnaab

0
0
Pint

The Code Book, by Simon Singh

Highly recommended.

He explains how the cryptanalysts break into ciphers, how even a one-time pad can be cracked if used twice, how to create and share a key over an unsecure channel, etc.

Easy read.

3
2

Re: The Code Book, by Simon Singh

All ciphers are crackable, the pertinent question is how long it takes to crack the cipher.

2
3

Re: The Code Book, by Simon Singh

"All ciphers are crackable, the pertinent question is how long it takes to crack the cipher."

Wrong! A one-time pad with a key from truly random data that is never re-used is impossible to crack. This is provable in a very simple way. A particular cipher-text can decrypt into any message of the given length. So even if you can cycle through every key and decrypt the message. You can't tell whether a message you get out is the right message. For example, if you encrypted a message, "The enemy is descending on our position" with one key, you could decrypt it with a different key and get, "The enemy is running away in disarray!!" There is no way, unless you actually have the real key, to know that you have the real message.

Even symmetric keys have limits to them. If you place a Dyson sphere around the sun to capture all energy it produces for the remainder of its life. And you also create a perfect counting state machine that uses a single quanta of energy to change state. There will be insufficient energy to count through all the keys of a 256 bit symmetric key algorithm. That's just counting the keys and doesn't include the problem of actually decrypting the message to test each time. So whilst theoretically true that "symmetric key ciphers can be cracked with enough time" the reality is, enough time often does not exist.

6
0
Pint

Re: The Code Book, by Simon Singh

0.5 tonne wrote: "... ..."

Perfect.

0
1
Pint

Re: The Code Book, by Simon Singh

FMvK: "All ciphers are crackable..."

I recommend Amazon.com. Select 'Used - good condition'. Quite inexpensive.

0
1
Anonymous Coward

Wahh wah

images.apple.com/ipad/business/docs/iOS_Security_May12.pdf

"Every iOS device has a dedicated AES 256 crypto engine built into the direct memory access (DMA) path between the flash storage and main system memory, making file encryption highly efficient. Along with the AES engine, SHA-1 is implemented in hardware, further reducing cryptographic operation overhead."

So much for the NSA backdoor in AES.

1
1
Bronze badge

Re: Wahh wah

Yep! DMA will soil your bed while you're in it every time.

0
0

Re: Wahh wah

"A 256-bit AES key that’s burned into each processor at manufacture. It cannot be read

by firmware or software, and is used only by the processor’s hardware AES engine."

All well and good, but that suggests the hardware AES only uses a UID that the device itself can only access. Which means it isn't that which is shared for messaging. From watching an iPhone's behaviour it seems to act in the following way when you start a conversation with a new contact:

Query Apple's servers to see if the details you have exist in their list of known devices. (your message button turns blue when it comes back)

Apple's server returns a UUID for the other phone's messaging path, this will then be stored against the contact.

On typing a message Apple checks if the other device has notified the server of its online status recently.

The message is sent and encrypted by two keys only known to each device, this I may have incorrectly assumed would be 3DES above.

If the hardware AES can take supplied keys they have a variety of options (and we can select as many as we like from the menu, as long as the CPU is able to keep up with our consumption) as a UUID is 128bits, the AES takes 256 bits, we have two UUIDs.:

Multiple encryption - similar to 3DES, encrypt with key A, decrypt with key B, encrypt with key A

Generated key - splice the two keys in your chosen recipe

Compression

Whilst working with Mifare cards there was a solution forwarded about using the UID of the card, and a cheap processing algorithm to generate the key, thus to render an attack you would need to know how to create the key.

1
0
Pint

Re: Wahh wah

See Diffie–Hellman [/Williamson] key exchange. All you need is any old reliably random number at each end, and then follow the DH key exchange procedure to create and exchange a common secret key over a public channel. Easy peasy.

0
1
Silver badge

Everyone Knows

That this memo only means they now have a way of cataloging and searching the messages now, not that they can't read them, surely everyone realizes this is a setup right? The DEA is like the learning impaired cousin of Federal law enforcement and they believe everyone else is stupid.

2
2
Gold badge

Move outside the US

"Those companies may now have to provide a backdoor if legislation does go ahead, and that's going to make their products a lot less appealing if the US government has full access. "

Or move outside the US.

Sorry police, but you may have to go back to doing, you know, police work.

1
2
Anonymous Coward

Re: Move outside the US

You'd actually need to stay outside the EU as well. EU legislation has those fancy backdoors too, they're just not that explicit as the US ones..

0
0
Bronze badge
FAIL

This is not hard

If you are a narco-kingpin there is a remote possibility that a nice DEA agent will help your kid get a kitten out of a tree.

When Apple "fixes" this problem they will send the DEA the bill. Your kid already has the freaking kitten.

Now be a good little kingpin and convert over to iMessage, because, you know, the DEA says they can't read it. I'm sure they'll send you an iMessage when the problem is fixed.

.

1
3
Anonymous Coward

Take maters into your own hands.

Especially with encrypted communications. I know it's not a good idea to pretend to be a security expert and write your own encryption routines. However, using a communication product touted as secure by it's manufactures is foolish. There is middle ground. For one thing: your own servers outside the US.

1
0
Mushroom

All I can say is GOOD.

The government (any government) has their fingers deep enough into everyone's pies. Everyone should encrypt everything they can, whether they're doing anything shady or not. Privacy is fast disappearing.

5
0
WTF?

"the iOS system uses a unique identifier burned into the processor for identification"

AES is symmetric encryption. A spook gets your "unique identifier" from Apple, and you are toast.

0
0
Bronze badge

Re: "the iOS system uses a unique identifier burned into the processor for identification"

Blather. DMA is a key issue, for there are interfaces that have DMA access, hence can access DMA directly and counter encryption.

It's part of why most governments with information warfare units have multiple stand alone systems.

For, indeed, the very first rule of security is, don't trust anyone, not even yourself.

0
1
Gold badge
WTF?

Apple. Guarding your privacy

Are you f**king kidding me?

1
2

Small text smaller brain

The commo between criminals with secure iphones at the fed level is small potatoes . When you can observe them at hotels, bars, on the street mtg with other criminals and carrying out their dirty deeds in plain view, text msgs pale to photos of the 'gang' altogether. Add the jail calls and the grand jury is only a stop between a plea agreement and 60 months in the bighouse. Any criminals above this group will meet with reps.of state at dinner and hash out prisoner swaps. Which reminds me, gotta reset that line-ex password to something other than 'root'. Have you seen that new stuff? My friend gave me a cd that runs on boot and...

0
0
Silver badge

A life of crime

So is Apple's latest iPhone going to be the smartphone of choice with those bent on a life of crime?

Isn't it already? I would have expected it to be, as probably many of them cut their junior crim teeth by mugging people for the things.

Not to mention the bling aspect of things, along with the BMW or similar motor.

0
1

Page:

This topic is closed for new posts.