iMessage No more Reliable?
According to some reports published this Monday, a team of IT researchers from John Hopkins University has worked out a way to crack open the files sent through the iMessage app. However, it was not at all easy to do so. They spent two whole months in it. The team, under the supervision of Professor Matthew Green made it possible to find out the 64-bit encryption key to open an encrypted image stored on the iCloud.
For stealing the key from the encrypted information carrying it, they developed a software which behaved like an Apple server. By doing so, they were able to get the key from the encrypted transmission.
Once they got the key, they entered it in the iPhone which was able to decrypt the image and it was visible.
This process could only target an iPhone with an older version of the iOS running on it but Professor Green said that by modifying the method of attack a little, they could even attack the iPhones with a newer operating system. Apple made immediate efforts and released the iOS 9.3 which is not vulnerable to this sort of attack. According to one of the team members Ian Miers, Apple responded to them very quickly and took serious steps to make the phones safer.
Companies like apple cannot implement the security reforms instantly as they have to put the new systems to test in a number of different expected circumstances. Keeping that in view, the response of Apple towards this research is really appreciable.
Does Apple Have a Weak Security?
The fault that the research team has pointed out is , in no way, a fault with the Apple’s encryption algorithm but just an implementation error, said Bailey, one of the officials of Apple’s security research wing. It just enables you to guess one of the digits in the key and once you do that you can only get the access to a single message, image or a video stored on the phone. To access all the data, you will have to repeat the process for every single item which is virtually not possible. Also, the effort needed to access the data using this process, it is not a viable option for mass-scale hacking.
The iPhones are still way better than the phones which do not use encrypted transmission and this flaw is not something that can affect the routine users as it took two months to crack a single image which means it will require a duration of time longer than the age of universe itself to access all the data on the phone.
Myth of Encryption
Recently, the struggle between Apple and FBI regarding the decryption of some iPhones has gained a lot of public attention. The FBI had declared the encryption on iPhones and Macs to be impenetrable but the Hopkins researchers have shown that it is possible to find flaws in it. Apple has some of the best cryptographic engineers working with them, still the encryption can be broken it makes the other low-end systems totally obsolete when it comes down to encryption.