Ag3nt47 Security – iMessage encryption stumps US federal agents

A recent investigation conducted by US Drug Enforcement Administration agents has been temporarily derailed after they failed to decrypt messages the targets exchanged via Apple’s iMessage system.

According to an internal DEA note that was leaked to Cnet, the encryption used for the messaging system makes it “impossible to intercept iMessages between two Apple devices,” regardless of the cell phone service providers.

Another problem for law enforcement is these iMessages “are not captured by pen register, trap and trace devices, or Title III interceptions,” which could end up with investigators missing crucial exchanges.

iMessages between an Apple device and a non-Apple device are transmitted as SMS messages and can sometimes be intercepted, and more easily if the intercept is placed on the non-Apple device, adds the memo.

As Dallas De Atley, manager of the platform security team at Apple, shared last year at Black Hat, the iMessage encryption is based on unique identifiers embedded in the hardware, uses a hardware encryption engine, and supports full AES and SHA encryption.

Law enforcement isn’t exactly helpless in cases such as these, as they can get a court order and demand Apple to help them intercept and decrypt the messages.

Still, there is a big push by federal authorities to set legislation that will make all similar communications accessible to them when legally requested.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s