Researchers break Apple’s iMessage encryption


Researchers at Johns Hopkins University (JHU), led by Matthew D. Green, have found a bug in Apple’s encryption. It can allow a skilled attacker to decrypt secure photos and videos sent as messages.
The flaw might not have been used by the FBI to recover information on the San Bernardino terrorist’s iPhone, but it proves that encryption isn’t fool proof. Green is a cryptographer and said that a court compelling Apple to undo its own security makes no sense as there are already bugs which can be exploited.

The method requires the data to be in transit, not stored, so it wouldn’t actually help in the case of the San Bernardino shooter’s locked iPhone. By writing software to mimic an Apple server, researchers were able to intercept an encrypted transmission that contained a link to a photo on an iCloud server, as well as a 64-digit key that decrypts it. The key wasn’t visible, but the researchers were able to brute-force each digit. The team notified Apple, who says it partially fixed the flaw in iOS 9, and will release the full fix today in iOS 9.3 Update.

He said, “Even Apple, with all their skills — and they have terrific cryptographers — wasn’t able to quite get this right.” Green’s team of graduate students will publish a paper describing the bug as soon as Apple issues a patch for it. Green said that it’s frightening that “we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.”

The following two tabs change content below.
Frederick Damasus is a tech enthusiast and blogger who has a passion for creativity and innovation. He is a self-taught graphic designer and currently delving into web design and development. He loves photography and volunteers his spare time to inspire children in orphanages through dance. He is a trained Petroleum Engineer but found himself in the AID/Development sector. He currently serves as the M&E/ICT Manager at the Center for Creative Development Strategies, an NGO based in Port Harcourt, Rivers State, Nigeria.

Leave a comment

Your email address will not be published. Required fields are marked *