Comment

Comment on iMessage will reportedly dodge EU regulations, won’t have to open up

<- View Parent

asbestos@lemmy.world ⁨1⁩ ⁨year⁩ ago

That’s a proper comment right there

source

Sort:hotnew top

QuarterSwede@lemmy.world ⁨1⁩ ⁨year⁩ ago
Yeah, it sounds good but there’s a lot of factually incorrect statements.

“Apple RCS” is actually the GSMA RCS standard, which Apple was pretty vocal about not being encrypted, but was kind of forced to use prematurely thanks to legislation. Encryption is already being looked at being added in the next spec.

How Apple encrypts iMessages is literally detailed in their support doc. In short: The per message AES key is derived from the contacts public RSA key.

The user’s outgoing message is individually encrypted for each of the receiver’s devices. The public encryption keys and signing keys of the receiving devices are retrieved from IDS. For each receiving device, the sending device generates a random 88-bit value and uses it as an HMAC-SHA256 key to construct a 40-bit value derived from the sender and receiver public key and the plaintext. The concatenation of the 88-bit and 40-bit values makes a 128-bit key, which encrypts the message with it using AES in Counter (CTR) Mode. The 40-bit value is used by the receiver side to verify the integrity of the decrypted plaintext. This per-message AES key is encrypted using RSA-OAEP to the public key of the receiving device. The combination of the encrypted message text and the encrypted message key is then hashed with SHA-1, and the hash is signed with the Elliptic Curve Digital Signature Algorithm (ECDSA) using the sending device’s private signing key. In iOS 13 or later and iPadOS 13.1 or later, devices may use an Elliptic Curve Integrated Encryption Scheme (ECIES) encryption instead of RSA encryption.

The resulting messages, one for each receiving device, consist of the encrypted message text, the encrypted message key, and the sender’s digital signature. They are then dispatched to the APNs for delivery. Metadata, such as the timestamp and APNs routing information, isn’t encrypted. Communication with APNs is encrypted using a forward-secret TLS channel.

source
- abhibeckert@lemmy.world ⁨1⁩ ⁨year⁩ ago
  
  In short: The per message AES key is derived from the contacts public RSA key.
  
  Erm that’s not how it actually works. Though in your defence, “in short” is pretty hard to achieve here.
  
  The real headache though isn’t encrypting the messages. It’s making sure that only the intended recipient has the decryption key for your message. That’s where E2EE messaging gets complex and frankly Apple doesn’t do the best job. Google’s RCS implementation of encryption is better than iMessage.
  
  source
  - QuarterSwede@lemmy.world ⁨1⁩ ⁨year⁩ ago
    
    Erm that’s not how it actually works. Though in your defence, “in short” is pretty hard to achieve here. That’s why I attached the entire quote and link to Apple’s support doc just below what I over-simplified.
    
    But I will say the rest of what you wrote is a pretty decent insight. Thanks.
    
    source