2023-10-28 16:30:00
With iOS/iPadOS 17.2 and macOS Sonoma 14.2, developer test versions of which were made available this week, Apple has finally introduced iMessage Contact Key Verification (iMessage Contact Key Verification)a feature that had been announced at the end of last year and which improves the security checks already existing on the platform.
Em a post on your support siteApple explained in detail how the new feature works, highlighting that it was “designed to detect sophisticated attacks against iMessage servers and allow users to verify that they are only sending messages to those they intend to”.
To support the explanation, Maçã contextualized the operation of the service’s end-to-end encryption. According to the company, each device connected to an iMessage account generates its own set of cryptographic keys, which can be public and private.
When a user sends a message to another, the system maps the sender’s identifier (number or email) to the public keys of each of their devices. It is through these public keys, which are stored in a service key directory, that the message can be sent. However, they can only be decrypted by private keys — which are only on the sender’s device.
According to Apple, there is a point of failure in this model, as a powerful adversary may be able to compromise the key directory service and force it to return corrupted public keys for the purpose of controlling the private keys — which would allow this adversary intercept or monitor the exchange of messages from a target user.
According to Apple, solutions such as manually comparing encryption keys can be effective, but are not practical from the user’s point of view, as verification is required every time a new device is logged in. Messengers like Signal even make it possible to transfer an account to a new device, but when a user logs into a new device without using this method, all other users who interacted with them are notified.
How does iMessage Contact Key Verification work?
By introducing iMessage Contact Key Verification, Apple tried to establish some goals, such as protecting a “source of truth” of keys and metadata from unauthorized access, synchronizing this data across all current and future devices authorized by a user, and detect discrepancies between what the key directory service and what the identifiers themselves present to the user.
According to the company, this automatic verification should work for all conversations — including private and group messages. Notifications should only be sent under unexpected security conditions and should be rare and precise. Basically, all the verification work will be up to the software, not the user.
iMessage Contact Key Verification uses the Key Transparency (KT) protocol, a mechanism that utilizes a map data structure backed up by log verifiable — enabling it to provide cryptographic proof of inclusion as well as be audited for consistency over time.
Already used by WhatsApp with the protocol Auditable Key Directory (AKD), KT has had its implementation enhanced by iMessage to allow devices themselves to “check consistency proofs and ensure consistency of the KT system across all user devices for an account.”
Apple’s transparency service also uses a verifiable map data structure, capable of merging any changes within minutes. It is similar to the one implemented in the Meta app, but produces SMTs to make device keys immediately verifiable — which makes it possible to automate and maintain the instant usability of the messenger.
With iMessage Contact Key Verification — which is integrated with the existing Apple Identity Service (IDS) — enabled on the devices of two communicating users, if either device experiences a validation error, a error will be displayed directly in the conversation transcript.
According to Apple, each device will query the IDS for its own account information and compare the data to that returned by the KT service to notify the user of any inconsistencies. It is the combination of this data from the KT service and that from the device’s encrypted key directory that prevents the presentation of divergent data.
But even this automatic verification may be insufficient for some users and, therefore, Apple will allow you to manually compare verification codes — a possibility that will even extend to future connected devices. This modality uses the Vaudenay SAS protocol, which allows you to compare short codes and check whether they are the same as those presented in the IDS.
When marking a code as verified, the hash The other user’s account key is linked to your contact card, so if the account key changes, Messages will display an error message.
Interesting, don’t you think?
1698534391
#Understand #iMessage #Contact #Key #Verification #works