US gov to Apple: COUGH UP iMessages or FEEL our FEDERAL FROWN
Could 'cuffs on Cupertino crash your crypto keys?
It's been reported that US officials might yet do battle with Apple over customers' encrypted communication.
The idea is raised in The New York Times, which has managed to get Justice Department and FBI officials to say that folks in those agencies want to see Apple cuffed and in the dock.
The case in question pertains to the ongoing tug-of-war between the tech sector and the US government over the way that mathematics keeps thwarting agencies like the FBI, the Drug Enforcement Administration (DEA), the CIA and the NSA.
The DEA first stubbed its toe on iMessage in 2013, resulting in a court order that the NYT said was granted “this summer” ordering Cupertino to hand over iMessage conversations “in real time”.
Apple's response was to apparently reiterate previous statements: user messages are encrypted using asymmetric encryption, and users' keys are held on their iThings. That arrangement renders the messages inaccessible to Apple, so whatever it were to hand over would be similarly useless to the DEA.
The relevant note from Apple starts on page 35 of the iOS security guide (PDF) (it's worth noting that some metadata, like the Apple Push Notification service number and message timestamps are retained unencrypted by Apple).
There are some circumstances under which messages could feasibly be accessible to Apple. Last year, QuarksLab researcher Cyril Cattiaux said Apple's control of the key infrastructure meant it could get messages by key interference. However, that's a hypothetical scenario and there's no reason to think Apple hasn't kept the faith.
The news comes just ahead of Microsoft's return to an appeals court this week. Redmond is trying to defend its stance that US courts don't have jurisdiction over e-mail servers in Dublin.
The DEA wants a Microsoft customer's address book and e-mails as part of a drug investigation. Last year, Microsoft took the novel step of asking a US district court to hold it in contempt, giving it a trigger to launch an appeal that it intends will end up in the Supreme Court.
Regular readers of The Register will be able to predict that Apple declined to comment to the New York Times. ®
Sponsored: Becoming a Pragmatic Security Leader