back to article Leaked memo: Apple's iMessage crypto has DEA outfoxed

An investigation by the Drug Enforcement Administration (DEA) in February was temporarily thwarted when the surveillance targets began using Apple's encrypted iMessage system, according to a document leaked to Cnet. The intelligence note entitled "Apple's iMessages: A Challenge For DEA Intercept," reported on an investigation …

COMMENTS

This topic is closed for new posts.
  1. DavCrav
    Joke

    "Those companies may now have to provide a backdoor if legislation does go ahead, and that's going to make their products a lot less appealing if the US government has full access."

    Oh, if only there were other countries in the world that someone could live in and write computer programs that would not be subject to this law.

    Joke icon because obviously that wouldn't stop the US.

    1. Wzrd1 Silver badge

      Because, there are no hooks in any software on the entire planet that would permit an API to encrypt, via *real* encryption, any private message.

      Right?

      To be blunt, the DEA can't crack anything more serious than a Caesar cypher. The NSA rules that roost.

      From one who read transcripts of his private morale conversations to his wife and children, whilst deployed, I'll suggest that there are ways in which one can communicate in a secure manner and that the US does still possess an operational fourth amendment. It just needs to get some dust knocked off of it.

      Not that a single constitutional right is worth the ink staining that parchment, as all have been relegated upon "national security" need du jour.

      1. Anonymous Сoward
        Holmes

        Indeed, it would seem that "national security" is the horse and coaches that the government use to go thru the constitution, and no one bats an eyelid so meh. Go back and enjoy your programming for retards, oh sorry I mean America's got talent (sic).

        1. Rick Giles
          Trollface

          Init Americas Got Talent

          Just a copy of Britains Got Talent? We're just playing catchup with the rest of the world 'tards.

    2. LarsG
      Meh

      I've said it before and I will say it again, US lawmakers are extremely creative in what they decide is criminal activity and even when the activity takes place outside of their jurisdiction. They just change the rules as and where necessary.

  2. Anonymous Coward
    Anonymous Coward

    Sweden can probably read inter App traffic

    As when SE updated their 'top secret' Titan database recently it was specifically to catch non-email non-VoIP traffic of five year olds chatting in the Penguins games, or übercrims , or whathaveyou? The Swedish TV programme that mentioned this upgrade also alleged that Titan shares an entire copy of the Swedish Internet traffic with partners (presumably NSA), same as other Baltic Sea fringing nations, obviously gotta catch the NORK packets?!!!?

  3. petur
    Happy

    Just check on the device

    The history is probably logged/stored in plaintext somewhere

  4. Simon Rockman

    Secure

    A friend sent my son a password by photographing his notebook where it was handwritten He did it because he was too lazy to type it but it strikes me as a particularly good defence against automated snooping.

    1. Wzrd1 Silver badge

      Re: Secure

      ROFLMAO!

      Sorry, I write in script that makes a US physician's writing look clear.

      I know as a fact that my handwriting, such as it is, was read easily by computer. Granted, a government computer designed to do so, but consider one thing: I have nerve damage to my writing hand.

      After that, I went with 2k keys, generated off of multiple machine seeds, then regenerated on other machines.

  5. This post has been deleted by its author

    1. Anonymous Coward
      Joke

      Re: richard.cartledge@snc.ac.uk

      Yes, but Navaho wind-talkers are very expensive to keep.

      1. Someone Else Silver badge
        Meh

        Re: richard.cartledge@snc.ac.uk

        Especially considering that Navajo is a non-written language.

        1. Irony Deficient

          Tempus fugit

          Someone Else, Navajo was an unwritten language; there is now a standard orthography for it.

          1. Voland's right hand Silver badge
            Happy

            Re: Tempus fugit

            Just use Russian. Use properly that is (as native, not as a foreigner).

            It can have 3-4 or more meanings between the lines which will require someone who actually knows language, culture and context (not someone who has passed the MI5 analist test) to decipher.

            Change the position of two words and the whole sentence completley changes its meaning as well as its level 2,3,4 meanings, etc.

            While this was a natural property of the language in the first place, 80 years of having to talke double, tripple and quadrupple speak to avoid статья 58 and ГУЛАГ improved it quite considerably. It is now at the point where if two russians want to speak between themselves without anyone "non-native" understanding them they can do it any time any day today. As a side effect makes for great stand-up comedy too :)

      2. Gannon (J.) Dick

        Re: richard.cartledge@snc.ac.uk

        Yeah, and they eat like hors... ponies.

        (good one theodore)

      3. Anonymous Coward
        Anonymous Coward

        Re: richard.cartledge@snc.ac.uk

        Actually, all you need to do is speak proper English, it'll confuse the hell out of the US snoopers.

    2. Wzrd1 Silver badge

      Re: richard.cartledge@snc.ac.uk

      Blather.

      Non-standard language is an idiot's theory. An ill documented language is one thing, non-standard is idiocy.

      OTP is proved true.

    3. JeffyPooh
      Pint

      Re: richard.cartledge@snc.ac.uk

      RC: The easiest thing to do would be to communicate in a non-standard language.

      Maybe the old 'Linear B' ? LOL.

    4. Anonymous Coward
      Anonymous Coward

      Re: richard.cartledge@snc.ac.uk

      Like Welsh, as I believe was done during the last world war.

      1. Silverburn
        Pint

        Re: richard.cartledge@snc.ac.uk

        I just use my own handwriting. It's a form of encryption all by itself, unreadable by anyone but me. And even then, after apply my strongest cypher (ie 6 pints), even I struggle to read it the next day.

        Beer! Friday!

  6. Herby

    The saying should be...

    If you have no reason to investigate me, then go away. (I hide everything!).

    The saying "You have done no wrong, so you should have nothing to hide" is the reason we here in the USA have the 4th amendment.

    So, we go back to:

    I've got the yo-yo...

    I've got the string!

    1. Wzrd1 Silver badge

      Re: The saying should be...

      You forget McCarthy, who turned the fourth and fifth amendment 180 degrees around, then the House UnAmerican Activities committee living up to its name.

      In that view, hide something, you have something to hide. Plead self-incrimination, be incriminated. A very example of what Orwell warned about.

      Considering the far right's leaning, I honestly expect that if they win house, senate and presidency, the UK will be Airstrip One in the following month. :(

      1. Wade Burchette
        FAIL

        Re: The saying should be...

        You had me until you talked about the far right. Both political leanings are equally corrupt. President Obama did not end the overreaching powers President Bush started. This is not an exclusive "far-right" or "far-left" action.

  7. Disco Dance Donkey
    Gimp

    At a guess

    I'd assume 3DES, using the iPhone UUIDs in an ABA arrangement. 3DES is used for RFID and would be a sensible base for any firm planning on NFC.

    Would be quite easy to find out with a virgin iPhone and some packet inspection. I doubt the NSA, or GCHQ for that matter,would take long to work this out, just proves that the DEA are morons.

    1. Wzrd1 Silver badge

      Re: At a guess

      DES was broken when my children were in diapers.

      Small hint, I'm a grandfather now. Twice.

      And a fair distance from pension, such as it is.

      1. Disco Dance Donkey

        Re: At a guess

        Whether it has been broken or not bears no mark on whether the DEA can break it.

        As stated 3DES is used for NFC, notably the DESFire standard that replaces Mifare. Apple are most likely to implement a standard that has actual use.

        The one thing that would interest me is whether they have a compression algorithm tied in with the encryption (pre or post) to lower their network traffic.

        1. Anonymous Coward
          Anonymous Coward

          Re: At a guess

          The one thing that would interest me is whether they have a compression algorithm tied in with the encryption (pre or post) to lower their network traffic.

          Compressing post-encryption wouldn't really help much since you are removing all trace of compressible structure from the document. Compressing pre-encryption is very common since it not only reduces message size, but reduces the use of known cipher-text attacks. Except of course if you have standard headers in your compression algo that end up in every message!

      2. Anonymous Coward
        Anonymous Coward

        Re: At a guess

        "DES was broken when my children were in diapers."

        Not really relevant since 3DES is much more secure. Triple-DES with 3 different keys is more secure than 128-bit AES which the US Gov happily use for below Top Secret.

  8. Anonymous Coward
    Anonymous Coward

    LOL

    Lbh'yy arire gnxr zr nyvir, Pbccre!

    1. Paul Mitchell
      Happy

      Re: LOL

      Obbx uvz, Qnaab

  9. JeffyPooh
    Pint

    The Code Book, by Simon Singh

    Highly recommended.

    He explains how the cryptanalysts break into ciphers, how even a one-time pad can be cracked if used twice, how to create and share a key over an unsecure channel, etc.

    Easy read.

    1. Field Marshal Von Krakenfart

      Re: The Code Book, by Simon Singh

      All ciphers are crackable, the pertinent question is how long it takes to crack the cipher.

      1. Half a metric tonne

        Re: The Code Book, by Simon Singh

        "All ciphers are crackable, the pertinent question is how long it takes to crack the cipher."

        Wrong! A one-time pad with a key from truly random data that is never re-used is impossible to crack. This is provable in a very simple way. A particular cipher-text can decrypt into any message of the given length. So even if you can cycle through every key and decrypt the message. You can't tell whether a message you get out is the right message. For example, if you encrypted a message, "The enemy is descending on our position" with one key, you could decrypt it with a different key and get, "The enemy is running away in disarray!!" There is no way, unless you actually have the real key, to know that you have the real message.

        Even symmetric keys have limits to them. If you place a Dyson sphere around the sun to capture all energy it produces for the remainder of its life. And you also create a perfect counting state machine that uses a single quanta of energy to change state. There will be insufficient energy to count through all the keys of a 256 bit symmetric key algorithm. That's just counting the keys and doesn't include the problem of actually decrypting the message to test each time. So whilst theoretically true that "symmetric key ciphers can be cracked with enough time" the reality is, enough time often does not exist.

        1. JeffyPooh
          Pint

          Re: The Code Book, by Simon Singh

          0.5 tonne wrote: "... ..."

          Perfect.

      2. JeffyPooh
        Pint

        Re: The Code Book, by Simon Singh

        FMvK: "All ciphers are crackable..."

        I recommend Amazon.com. Select 'Used - good condition'. Quite inexpensive.

  10. Anonymous Coward
    Anonymous Coward

    Wahh wah

    images.apple.com/ipad/business/docs/iOS_Security_May12.pdf

    "Every iOS device has a dedicated AES 256 crypto engine built into the direct memory access (DMA) path between the flash storage and main system memory, making file encryption highly efficient. Along with the AES engine, SHA-1 is implemented in hardware, further reducing cryptographic operation overhead."

    So much for the NSA backdoor in AES.

    1. Wzrd1 Silver badge

      Re: Wahh wah

      Yep! DMA will soil your bed while you're in it every time.

    2. Disco Dance Donkey

      Re: Wahh wah

      "A 256-bit AES key that’s burned into each processor at manufacture. It cannot be read

      by firmware or software, and is used only by the processor’s hardware AES engine."

      All well and good, but that suggests the hardware AES only uses a UID that the device itself can only access. Which means it isn't that which is shared for messaging. From watching an iPhone's behaviour it seems to act in the following way when you start a conversation with a new contact:

      Query Apple's servers to see if the details you have exist in their list of known devices. (your message button turns blue when it comes back)

      Apple's server returns a UUID for the other phone's messaging path, this will then be stored against the contact.

      On typing a message Apple checks if the other device has notified the server of its online status recently.

      The message is sent and encrypted by two keys only known to each device, this I may have incorrectly assumed would be 3DES above.

      If the hardware AES can take supplied keys they have a variety of options (and we can select as many as we like from the menu, as long as the CPU is able to keep up with our consumption) as a UUID is 128bits, the AES takes 256 bits, we have two UUIDs.:

      Multiple encryption - similar to 3DES, encrypt with key A, decrypt with key B, encrypt with key A

      Generated key - splice the two keys in your chosen recipe

      Compression

      Whilst working with Mifare cards there was a solution forwarded about using the UID of the card, and a cheap processing algorithm to generate the key, thus to render an attack you would need to know how to create the key.

      1. JeffyPooh
        Pint

        Re: Wahh wah

        See Diffie–Hellman [/Williamson] key exchange. All you need is any old reliably random number at each end, and then follow the DH key exchange procedure to create and exchange a common secret key over a public channel. Easy peasy.

  11. Don Jefe

    Everyone Knows

    That this memo only means they now have a way of cataloging and searching the messages now, not that they can't read them, surely everyone realizes this is a setup right? The DEA is like the learning impaired cousin of Federal law enforcement and they believe everyone else is stupid.

  12. Henry Wertz 1 Gold badge

    Move outside the US

    "Those companies may now have to provide a backdoor if legislation does go ahead, and that's going to make their products a lot less appealing if the US government has full access. "

    Or move outside the US.

    Sorry police, but you may have to go back to doing, you know, police work.

    1. Anonymous Coward
      Anonymous Coward

      Re: Move outside the US

      You'd actually need to stay outside the EU as well. EU legislation has those fancy backdoors too, they're just not that explicit as the US ones..

  13. Gannon (J.) Dick
    FAIL

    This is not hard

    If you are a narco-kingpin there is a remote possibility that a nice DEA agent will help your kid get a kitten out of a tree.

    When Apple "fixes" this problem they will send the DEA the bill. Your kid already has the freaking kitten.

    Now be a good little kingpin and convert over to iMessage, because, you know, the DEA says they can't read it. I'm sure they'll send you an iMessage when the problem is fixed.

    .

  14. Anonymous Coward
    Anonymous Coward

    Take maters into your own hands.

    Especially with encrypted communications. I know it's not a good idea to pretend to be a security expert and write your own encryption routines. However, using a communication product touted as secure by it's manufactures is foolish. There is middle ground. For one thing: your own servers outside the US.

  15. Unicornpiss
    Mushroom

    All I can say is GOOD.

    The government (any government) has their fingers deep enough into everyone's pies. Everyone should encrypt everything they can, whether they're doing anything shady or not. Privacy is fast disappearing.

  16. Steen Hive
    WTF?

    "the iOS system uses a unique identifier burned into the processor for identification"

    AES is symmetric encryption. A spook gets your "unique identifier" from Apple, and you are toast.

    1. Wzrd1 Silver badge

      Re: "the iOS system uses a unique identifier burned into the processor for identification"

      Blather. DMA is a key issue, for there are interfaces that have DMA access, hence can access DMA directly and counter encryption.

      It's part of why most governments with information warfare units have multiple stand alone systems.

      For, indeed, the very first rule of security is, don't trust anyone, not even yourself.

  17. John Smith 19 Gold badge
    WTF?

    Apple. Guarding your privacy

    Are you f**king kidding me?

  18. USTom

    Small text smaller brain

    The commo between criminals with secure iphones at the fed level is small potatoes . When you can observe them at hotels, bars, on the street mtg with other criminals and carrying out their dirty deeds in plain view, text msgs pale to photos of the 'gang' altogether. Add the jail calls and the grand jury is only a stop between a plea agreement and 60 months in the bighouse. Any criminals above this group will meet with reps.of state at dinner and hash out prisoner swaps. Which reminds me, gotta reset that line-ex password to something other than 'root'. Have you seen that new stuff? My friend gave me a cd that runs on boot and...

  19. Anonymous Custard

    A life of crime

    So is Apple's latest iPhone going to be the smartphone of choice with those bent on a life of crime?

    Isn't it already? I would have expected it to be, as probably many of them cut their junior crim teeth by mugging people for the things.

    Not to mention the bling aspect of things, along with the BMW or similar motor.

    1. Anonymous Coward
      Anonymous Coward

      Re: A life of crime

      Actually no, because it's too expensive to be used as a disposable.

      These types get told by their mates how to treat phones, and it has led to a massive increase in sales of cheap throwaway phones and SIM cards. They have even woken up to proximity matching :(

  20. Anonymous Coward
    Anonymous Coward

    So what, would you rather be blown up?

    Maybe its just me but I would rather put up with the possibility that a government could read my txts and email (most exciting thing in them is usually the weekly Ann Summers promotions) than be blown up on a plane by some terrorist or had drugs sold to my kids in the street because law enforcement agencies could not intercept their plans.

    The enermy is no longer the obvious ones in Russia or China but the organised criminals or radical terrorists groups. Giving them the capabilities to organise activities with little or no possibility of interception scares me far more than the US government realising that my life really is a dull as it is.

    1. Anonymous Coward
      Anonymous Coward

      Re: So what, would you rather be blown up?

      Mission accomplished Governments. You've convinced someone their liberties can be destroyed and ignored for the insignificant.

    2. PJI

      Re: So what, would you rather be blown up?

      The chance of being harmed by these "enemies", to the extent that they exist in the form and with the capabilities spread by propaganda on all sides, is rather a lot lower than the chance that an official will misuse information for his own or his employer's purposes or just out of incompetent assessment of you as a criminal, child molester or "enemy of hte state".

      Like many Britons, I lived a signficant part of my life, in Britain, even in a job that was more exposed than most, during the height of N. Irish troubles, when some 2000 or more people were killed in the British Isles. Living in London, three bombs exploded near my flat at different times. Tourists died messily in the Tower of London, children were killed in Liverpool. Lovely. Funnily enough we survived without massive restrictions nor even intrusive searches of luggage or people boarding aeroplanes or trains. We took a little risk and preserved immense, personal freedom.

      I think the balance was right and is worth the risk. Anything else is much less than "freedom". We have lost that freedom now, at the behest of people, who seem to think that any risk must be removed at any cost, while getting into their cars or onto their motorbikes to experience far greater risk to themselves and to others.

    3. Anonymous Coward
      Anonymous Coward

      Re: So what, would you rather be blown up?

      A more worrying and likely scenario....baaa

      The campaign against evil underwear packers never ends........it just becomes a constant onslaught on people's freedom and their right to privacy.

      We steadily give up more and more liberty in exchange for more "safety" from a largely invisible "foe". And like the despised "foe", we relentlessly pursue soft. squishy things like privacy... with boots on human faces, detention camps. dossiers on citizens etc..

      And after everyone's communications are wide open, everyone has been profiled, all suspicious elements and rabble rousers tagged for future reference.....

      A truly psychotic ass-hat gets elected........ (I know that's hard to imagine... but let's try). Said ass-hat now has access to all that information and .... can do whatever he wants with it in the name of national security, of course.

      Might not be much at first ... a trumped-up or real drug charge here ... a smear campaign there.... a pedophilia accusation there..... a freedom of information activist committing suicide here.... you get the picture

      But the ass hat has some strange and twisted dreams and now imagines it on a more massive scale.

      How's that lack of privacy thingy working for you now?

      <YOUR FUTURE>

      Meeh.....

      There seems to be a problem with your thumb-print and bar code, citizen.

      Are you sure you didn't vote the wrong way last time ?

      Let me just check ..... clickety click.----- hmmmm

      Ah you know citizen... with these massive databases at our disposal... a clerk with rudimentary sorting skills can now fully automate the herding process. Ever since public education was abolished (got to keep that war against Oceania going, you know) good people are getting harder and harder to find.

      In fact, they now say that nearly all of the remaining skilled people have gone black or are in custody.

      But we'll find them, don't you worry.

      Gotta finish Skynet, after all.

      Ok, citizen, everything is in order.

      Here are you meal vouchers. You have a nice day.

      <END OF YOUR FUTURE>

      You know, I'd honestly rather take my chances with the underwear packers, fly less often (maybe after a quick body frisk or wand wave) .... and try to keep what little is left of our privacy.

      That is why, I want to be sure that VERY strict protections are in place (like warrants in front of real judges keeping actual public records) before anyone violates what is left of our privacy.

      I want all personal data stored in government and commercial databases to be secured. anonymous, fire-walled and deleted after a fixed amount of retention time. In fact, the more data protection laws in place, the better.

      Otherwise, the temptation to perform lazy, ass-hat fishing expeditions will just become too great.

      Have you ever wondered why new laws always seem more bent on prying further into our private lives, rather than protecting them? That's because it's all about power baby, and the less power you have, the easier it is to take away.

      So if keeping privacy enshrined as a human right means a few bad guys get to run around a little longer, I say tough titty.

      People who need total security should move to North Korea or China.

      And they can take their tame congress people with them, they'll love it there.

      When underwear packers have become such a threat that we need to throw out the constitution .... we should just declare martial law and be done with it.

      Because we can't just watch everybody all the time and hope nothing bad will ever happen again.

      It is just not worth it.

      There are people in power who believe that if total surveillance had been in place before, there would have been no WTC, no need to invade other countries, no need to lie about it and wreck the economy in the process. And probably be less school shootings and crime too. I don't want to give people who think like that unfettered access to my digital and physical life.

      Anonymous for perfectly good reasons and the freedom to rant.... so please don't give it away...

    4. Anonymous Coward
      Anonymous Coward

      Re: So what, would you rather be blown up?

      People like you really bother me, because its your attitudes that governments cherry pick when they want to justify picking rights off, one at a time. Like the commentard above, I lived in London through most of the IRA's long campaign. Apart from the inconvenience, the nearest they got to affecting my own life was meeting someone years later whose girlfriend had died in one of the bombings - and he certainly did not share your view.

      The knock on effects from Allah's Little Wannabe's has been far worse, not because they shared the IRA's talent for bombing, but because successive governments took your attitude to heart and turned it into laws that did the "bearded 'n' very cross" brigade's job for them, making official intrusions into private lives seem so apparently routine and blameless we've almost become collectively used to it - or in your case, delighted with it. I'm personally sick of the number of public sector, private sector, official, unofficial and just plain nosey types who seem to have inherited the right to poke + pry for no better reason than some never quite specified public good, backed by laws so loosely written they'd make a primary school pupil blush.

      The ink was scarcely dry on RIPA before a small army of council types had figured out new and innovative ways it could help them exercise their inner jobsworth to their hearts content with the full backing of Westminster. The list of things Jack Straw and co said it wasn't going to be used for now comprise the majority of its uses, but still the security services want more, and attitudes like yours are what ensure they'll get it.

      Benjamin Franklin had the last, prescient word on the chipping away of liberties, and the two centuries since have done little more than prove him right on all counts.

  21. Azzy

    Adding it to CALEA will not hurt crims, just US businesses

    Because the people who care about privacy will just use software made, and services operated in jurisdictions beyond the reach of the oppressors. So while US companies will not be able to make an attractive product for people who need privacy (for nefarious or legal purposes), everyone outside the US still could (subject to their country's own stupid laws, of course)

    1. Anonymous Coward
      Anonymous Coward

      Re: Adding it to CALEA will not hurt crims, just US businesses

      You mean something like:

      Please tell Mathilde to bring in the tomatoes, there will be a hard frost tonight, I repeat...

      There will be a hard frost tonight...

      Facebook would be my preferred choice for succulent messages in the clear

  22. chris lively

    I always thought that the best policy for hidden communications was simply to use innocuous messages posted in the clear. Kind of like posting something here about "the author of this story is an idiot". That could mean "sell the guns!!" Or whatever. Communication that way has deniability benefits as well.

    When you encrypt traffic between two points and one is a known enemy then the very fact that communication takes place provides a verifiable link. However if its simply broadcast in the open, WW II anyone?, then association or even causality is much much harder to prove.

    So, I guess the real thing is simply that the criminals didn't study history. Of course, if the group in question is infiltrated then they could decode the messages. Guess nothing has changed then.

    1. Gannon (J.) Dick
      Pint

      I like the Semantics

      The author of the story could actually be an idiot and "Use Apple Maps Only" would still mean "something really bad is about to happen"

  23. Rick Giles
    Linux

    None of this will matter

    When we all switch to Freedom and Pirate boxen.

This topic is closed for new posts.

Other stories you might like