Flaw Discovered In Apple iMessage Encryption, Reminding Us That Compelled Backdoors Are Idiotic
from the encryption-is-hard dept
One of the points that seems to be widely misunderstood by people who don't spend much time in computer security worlds, is that building secure encryption systems is really hard and almost everything has some sort of vulnerability somewhere. This is why it's a constant struggle by security researchers, cryptographers and security engineers to continually poke holes in encryption, and try to fix up and patch systems. It's also why the demand for backdoors is idiotic, because they probably already exist in some format. But purposely building in certain kinds of backdoors that can't be closed by law almost certainly blasts open much larger holes for those with nefarious intent to get in.Case in point: over the weekend, computer science professor Matthew Green and some other researchers announced that they'd discovered a serious hole in the encryption used for Apple's iMessage platform, allowing a sophisticated hacker to access encrypted messages and pictures. And, Green, who has been vocal about the ridiculousness of the DOJ's request against Apple, notes how this is yet more evidence that the DOJ's request is a bad idea:
“Even Apple, with all their skills — and they have terrific cryptographers — wasn’t able to quite get this right,” said Green, whose team of graduate students will publish a paper describing the attack as soon as Apple issues a patch. “So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.”It's worth noting that the flaw that he and his team found would not have helped the FBI get what it wants off of Syed Farook's iPhone, but it's still a reminder of just how complex cryptography currently is, at a time when people are trying to keep everyone out. Offer up any potential backdoor, and you're almost certainly blasting major holes throughout the facade.
Apple is getting ready to push out a software update that will fix the flaw shortly. And this, alone, is yet another reason why the DOJ's case is so dangerous -- since the method it wants to use to get into Farook's phone is via its capabilities to push software updates. Patching software holes is a major reason to accept regular software updates, but the FBI is now trying to co-opt that process to install unsafe code. That, in turn, may prompt people to avoid software updates altogether, which in most cases will make them less safe.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: complexity, cryptography, doj, encryption, fbi, imessage, matthew green, privacy
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
It's still not the same thing
The issue with the FBI is that they want to conscript Apple to build something unprecedented. That can only be done because it is possible to patch the firmware of the component which holds the secret keys.
I'm sure Apple and others are working on ways that the hardware component which keeps the secrets a secret cannot have patches. The simpler this component, the easier to get it right the first time so that patches are never needed. I don't think Apple ever believe it would need to patch this component of the system, yet it was possible.
If the secure component that imposes the time delays and maximum bad password attempts, cannot be patched, then what will the FBI do in the future when there really is no way to fix this with a software update?
Will the world come to an end because a few bad people can use iPhones? Probably not any more likely than if they used other devices to communicate privately.
[ link to this | view in chronology ]
Re: It's still not the same thing
“How the Feds Could Get Into iPhones Without Apple’s Help” by Kim Zetter, Wired, Mar 2, 2016What Weaver doesn't say is that baseband processor is on physically separate silicon than the application processor. It is logically attached to the application processor by a physical, external bus.
When an attacker has complete physical control over the hardware, the baseband processor may be physically removed from the iPhone, and another device connected in its place. That replacement device might be built by that attacker, who would then naturally have full physical and logical control over it.
Apple might counter by encrypting and/or authenticating the signals on the external bus. But the iPhone is a battery-operated, consumer device.
[ link to this | view in chronology ]
Knock -on consquences of key escrow or similar
First, open source goes away legally. Especially open source crypto implementations - they might not have the key escrow feature or the law enforcement access feature. I believe that logically you follow this and all but the trivial open source becomes illegal or legally questionable. Do we want this? I'm certain that Microsoft, Apple and Cisco would like it.
Second, if communications have to be decryptable on demand, with key escrow, or a "golden key" or something, then ultimately law enforcement agencies will end up randomly sampling, or even universally checking, that what looks like communications with a golden key actually comprises communications with a golden key or escrowed key, and not some other illegal form of encrypted communications. This also seems like a bad idea. Getting interoperating DES implementations was notoriously difficult - what keeps SOCA or FBI from charging some inept programmer with Illegal Cryptography just because said inept programer made a inmplementaion of some crypto algorithm that didn't do parity correctly or initiall set some, but not all bitz to zero, items not explicitly spelled out in the Official Algorithm?
I see key escrow or golden key cryptography or mandated backdoors as ways to (maybe inadvertantly) shut down any innovation not approved by governments and/or big corporations. Am I off base here?
[ link to this | view in chronology ]
Eminent patch, or is it?
[ link to this | view in chronology ]
Not the messages themselves
[ link to this | view in chronology ]
The list just keeps growing, doesn't it.
[ link to this | view in chronology ]
iTS ALWAYS ENTERTAINED ME
Over all the past Claims in movies and by the Gov, and telco..that everything was being hacked..
There is allot of work, placed in MOST software to protect devices from hacking, FOR A REASON..
Hardware can be defeated, Most times...because of 1 fact, Customer @#$@ things up and there has to be a way to reset the device, so it can be USED again.
A hardware device that could NOT be reset, would be a BRICK if someone forget a password..
Software always has FLAWS..If you could protect Software from every form of hacking, you would have a BLOATED SLOW piece of garbage.. The developers place code in it for testing and running around a game to see/do and do/fix STUFF, but SELDOM remove this code. And if they did, it would make it HARDER to fix/update a game or program..
THERE ARE tricks...using augmented hardware with Good software, can protect very well, until someone figures it out.. Do not THINK, you are smarter then the person NEXT DOOR.. THINGS have to change on a regular basis to keep the system SAFE..
DONT even think about DRM..very little of it has ever worked.
[ link to this | view in chronology ]
Chosen Ciphertext Attacks on Apple iMessage
Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage.
Christina Garman, Matthew Green, Ian Miers, Gabriel Kaptchuk, Michael Rushanan.
[ link to this | view in chronology ]
Huh?
[ link to this | view in chronology ]