This Week's Sponsor:

Kolide

Ensures that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.

Posts tagged with "Encryption"

iMessage Is Preparing for a Post-Quantum Computing World

Yesterday, Apple’s Security Research website published a report on a cryptographic security upgrade coming to iMessage with the release of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4 called PQ3. It’s a forward-looking, preemptive upgrade that anticipates a future where quantum computers will be able to defeat today’s cryptographic security with ease. That day isn’t here yet, but PQ3 is rolling out with the next series of Apple’s OS updates to protect against a scenario known as Harvest Now, Decrypt Later where bad actors collect vast amounts of encrypted data today, anticipating a future where it can be decrypted by quantum computers.

Source: Apple.

Source: Apple.

If you’ve heard the term quantum computing thrown around in the past and don’t know what it is, I highly recommend a couple of explainer articles by the MIT Technology Review that cover both quantum computers and post-quantum cryptography.1 But if the details don’t interest you, the bottom line is that PQ3 is being added to iMessage today in anticipation of a day in the future where today’s end-to-end encryption techniques don’t work anymore. Here’s how Apple’s paper explains it:

Historically, messaging platforms have used classical public key cryptography, such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange, to establish secure end-to-end encrypted connections between devices. All these algorithms are based on difficult mathematical problems that have long been considered too computationally intensive for computers to solve, even when accounting for Moore’s law. However, the rise of quantum computing threatens to change the equation. A sufficiently powerful quantum computer could solve these classical mathematical problems in fundamentally different ways, and therefore — in theory — do so fast enough to threaten the security of end-to-end encrypted communications.

Although quantum computers with this capability don’t exist yet, extremely well-resourced attackers can already prepare for their possible arrival by taking advantage of the steep decrease in modern data storage costs. The premise is simple: such attackers can collect large amounts of today’s encrypted data and file it all away for future reference. Even though they can’t decrypt any of this data today, they can retain it until they acquire a quantum computer that can decrypt it in the future, an attack scenario known as Harvest Now, Decrypt Later.

PQ3 protects against a post-quantum world by setting up an iMessage conversation with a new post-quantum public key system and then periodically updating the keys so that if the keys are compromised, it won’t compromise the entire conversation. The system also uses existing cryptographic algorithms for portions of the encryption process that aren’t vulnerable to a Harvest Now, Decrypt Later scenario.

There is a lot of additional detail in Apple’s report, as you can imagine, including information about the review process that the new system has undergone and the way it is applied to iMessage in particular, which explains the design considerations that were necessary to apply these cryptographic techniques at the scale of iMessage in a way that doesn’t compromise users’ experience.

There’s more to be done to ramp up iMessage’s security even further as we approach a world where quantum computers are a threat to traditional cryptography. However, as Apple’s report concludes, with the imminent OS updates, iMessage will be “the global state of the art for protecting messages against Harvest Now, Decrypt Later attacks and future quantum computers.”

I’ve heard iMessage security get thrown under the bus a lot lately as an excuse Apple uses to protect its market dominance. There’s no reason that protecting customer communications and market-share can’t both be true. However, I think you’d be hard-pressed to read a report like this one and not come away believing that customer privacy and security are also a sincere goals at Apple.

  1. Yes, these are the sorts of articles I save in my read-later app. It’s a fascinating topic that also helps me fall asleep at night, so it’s a win all around. ↩︎
Permalink

FBI Accessed San Bernardino Shooter’s iPhone Without Apple, Drops Litigation

Sheera Frenkel and Hamza Shaban, writing for BuzzFeed:

The Justice Department (DOJ) announced Monday that it had successfully accessed data on the iPhone used by one of the San Bernardino shooters and that it was dropping its case against Apple to help unlock the phone.

Investigators are no longer seeking Apple’s help to penetrate the device, according to a court filing by the DOJ Monday.

A week ago the Department of Justice successfully postponed a court hearing after revealing that the FBI had been approached by a third party who had a possible method to unlock the iPhone (subsequently rumored to be Israeli firm Cellebrite). That method appears to have paid off, with the Department of Justice asking the court to vacate the order compelling Apple to assist the FBI and writing in its Status Report to the court that:

The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court’s Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016.

In response to the Department of Justice’s Status Report, Apple issued a response to The Verge and other media outlets:

From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought.

We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated.

Apple believes deeply that people in the United States and around the world deserve data protection, security and privacy. Sacrificing one for the other only puts people and countries at greater risk.

This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion.

Permalink

Tim Cook on Encryption, Public Safety, and Right to Privacy

TIME’s Nancy Gibbs and Lev Grossman have published the full transcript of a Tim Cook interview that will be the subject of the magazine’s March 28 cover story.

It’s a lengthy interview, with Cook discussing a variety of issues related to the FBI’s requests in the San Bernardino case. Cook comments on his views on encryption in the modern technological landscape, how the US Congress should approach this debate, and why Apple views the FBI’s demands as a threat to civil liberties. It’s a great read with some fantastic passages.

The thing that is different to me about Messages versus your banking institution is, the part of you doing business with the bank, they need to record what you deposited, what your withdrawals are, what your checks that have cleared. So they need all of this information. That content they need to possess, because they report it back to you.

That’s the business they’re in. Take the message. My business is not reading your messages. I don’t have a business doing that. And it’s against my values to do that. I don’t want to read your private stuff. So I’m just the guy toting your mail over. That’s what I’m doing. So if I’m expected to keep your messages, and everybody else’s, then there should be a law that says, you need to keep all of these.

Now I think that would be really bad. I think it would be really bad because in order for me to keep them, I have to have a way to see them. If I have to have a way to see them and a place to copy them, you can imagine—if you knew where the treasure was buried at, and everybody else did, then it puts a bull’s eye on that target. And in the world of cyber security, the last thing you want is to have a target painted on you.

Permalink

Last Week Tonight With John Oliver on Encryption

HBO’s Last Week Tonight with John Oliver tackled the Apple-FBI fight over encryption in this week’s episode and did a phenomenal job. As always, Oliver uses humour as a tool to help illuminate the absurdity of various propositions, whilst also keeping people engaged when the topic is dry or complicated. As a result, this 17 minute video is perfect for anyone, even if you haven’t been paying much attention to this encryption debate so far.

You can watch the video on YouTube, but be warned it is NSFW. For those of you in countries where the video is geo-blocked (ugh), you should also be able to view it on the Last Week Tonight Facebook page.

Be sure to stick around to the end as there’s a brilliant satirical Apple advert that you really have to see.

Permalink

Clipper Chip Redux

Steven Levy writing on Backchannel:

Is it any wonder that the government is rebooting the crypto wars? For the first time, it’s really struggling with the results of the first war, as more information is now encrypted, increasingly in a manner the government finds really hard (or impossible) to decode.

[…]

As with the first round of the crypto wars, the stakes could not be higher. Once again, the government is seeking to control that genie first released by Diffie and Hellman. But the physics of computer security have not changed. Last July, a panel of fifteen eminent security specialists and cryptographers — many of whom are veterans of the first crypto war — released a report confirming there was no way for the government to demand a means of bypassing encryption without a dire compromise of security. It just doesn’t work.

The crypto wars, as Steven Levy calls them, are not new. In his excellent 2001 book Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age, Levy recounted the struggle during the 90s between a small group academics who developed public key encryption and the US government, which was determined to outlaw encryption or mandate a back door. Sound familiar?

Memories are short, especially on the Internet. With the Department of Justice’s insistence that Apple unlock a terrorist’s iPhone, we are facing the same issues that were addressed in the 1990s. The difference is that the stakes are higher now. For individuals, there has never been more private data stored electronically, whether on a device like an iPhone or in the cloud. For governments, we have reached a point where some information is too hard, or impossible, for them to recover thanks to cryptography. As the struggle over the future of encryption plays out, it’s useful to keep in mind the perspective of those like Levy who were there the first time around.

Permalink

Craig Federighi on Encryption and the FBI’s Demands

Craig Federighi, Senior Vice President of Software Engineering at Apple, writing for The Washington Post:

That’s why it’s so disappointing that the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies. They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013. But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What’s worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious.

A cogent argument from Federighi. It follows on from Tim Cook’s open letter and interview with ABC News, as well as Bruce Sewell’s testimony to a congressional committee.

Permalink

Apple Files Motion to Vacate FBI Order

BuzzFeed:

Apple filed a motion in court on Thursday asking a judge to remove an order demanding the company help crack the iPhone belonging to one of the San Bernardino terrorists — arguing the order is not authorized under current law and, in any event, is unconstitutional.

“This is not a case about one isolated iPhone. Rather, this case is about the Department of Justice and the FBI seeking through the courts a dangerous power that Congress and the American people have withheld,” the motion begins.

You can read the document in its entirety here. Here’s a section that stood out to me:

And if it succeeds here against Apple, there is no reason why the government could not deploy its new authority to compel other innocent and unrelated third-parties to do its bidding in the name of law enforcement. For example, under the same legal theories advocated by the government here, the government could argue that it should be permitted to force citizens to do all manner of things “necessary” to assist it in enforcing the laws, like compelling a pharmaceutical company against its will to produce drugs needed to carry out a lethal injection in furtherance of a lawfully issued death warrant, or requiring a journalist to plant a false story in order to help lure out a fugitive, or forcing a software company to insert malicious code in its auto-update process that makes it easier for the government to conduct court-ordered surveillance. Indeed, under the government’s formulation, any party whose assistance is deemed “necessary” by the government falls within the ambit of the All Writs Act and can be compelled to do anything the government needs to effectuate a lawful court order. While these sweeping powers might be nice to have from the government’s perspective, they simply are not authorized by law and would violate the Constitution.

Permalink

The Apple Case Will Grope Its Way Into Your Future

Farhad Manjoo, writing for The New York Times:

Consider all the technologies we think we want — not just better and more useful phones, but cars that drive themselves, smart assistants you control through voice or household appliances that you can monitor and manage from afar. Many will have cameras, microphones and sensors gathering more data, and an ever more sophisticated mining effort to make sense of it all. Everyday devices will be recording and analyzing your every utterance and action.

This gets to why tech companies, not to mention we users, should fear the repercussions of the Apple case. Law enforcement officials and their supporters argue that when armed with a valid court order, the cops should never be locked out of any device that might be important in an investigation.

But if Apple is forced to break its own security to get inside a phone that it had promised users was inviolable, the supposed safety of the always-watching future starts to fall apart. If every device can monitor you, and if they can all be tapped by law enforcement officials under court order, can anyone ever have a truly private conversation? Are we building a world in which there’s no longer any room for keeping secrets?

Permalink