Building off of Matthew Green’s discussion of public key cryptography and Apple’s iCloud service in 2012, Julian Sanchez wrote about doubts that Apple’s iMessage service was really as secure as the DEA claimed (or rather complained).
Given Apple’s announcement today about their use of end-to-end encryption throws some of his assumptions into doubt. Matthew Green’s follow-up post on the matter is worth reading, because whether the end-to-end encryption Apple uses for iMessage is really unbreakable depends on how Apple distributes the keys. He reminds us as well that even if the message’s content is encrypted, Apple or similar provider still has access to all the metadata, such as the recipient, date stamp, etc.
If Apple is telling the truth about not having any ability to decrypt the messages, then whenever you login to iCloud from any device (or user account on OS X), your device should be creating a unique set of keys and sending the public one to the iCloud server where other registered iCloud users (or rather their iMessage clients) can find it.
Sanchez initially doubted the system worked that way because of the hypothetical “mud puddle” case Green used in his earlier post. If you destroy your phone (by dropping it in a muddy puddle), can you get the data back by logging into iCloud? If so, then Apple has the master key to all your data. Green’s 2012 post only concerned data stored in the iCloud servers, and it’s indeed true that Apple (assuming it encrypts the data on its servers and not just in transit) holds the “master” decryption key. However, it is not clear iMessages or Facetime calls are recorded or otherwise retained on the servers; and even if they are, they may be encrypted with a private key that only lives on your iOS device or OS X machine.
If you destroy your iPhone or iPad, you cannot retrieve your old iMessages simply by logging into iCloud via the web or a new iOS device. You can’t access iMessage at all through the iCloud website. My friends have lost their phones and consequently all their iMessages/texts. They were only able to get them back by restoring the device from a backup, which may exist in iCloud or your local machine (I prefer to back up my iPhone and iPad locally).
Another good question would be whether iMessages on iOS devices or OS X machines are stored/archived in encrypted or plaintext form? To save processor time (and hence reduce power usage), I imagine they might indeed be stored as plaintext on a user’s personal device.