iMessage is encrypted, but you and I don't have the keys for our own decryption as far as I'm aware. Meaning that if law enforcement wanted to take a look at your messages, its all there.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Everything You Need to Know About Apple's New iCloud Encryption Feature
- Thread starter MacRumors
- Start date
- Sort by reaction score
The only way Law Enforcement can get access to iMessages is through the iCloud backup, which is no longer an issue once you've enabled Advanced Data Protection.
How is this going to work with multiple devices? Say you turn on this feature on your iPhone. Now the encryption key only exists on your phone; nobody else has it. Later on you buy a Mac. How will it be able to access the iCloud?
The same way you Mac gets access to the iCloud Keychain. Once your Mac logs into iCloud, the iPhone shares the encryption key to your iCloud Keychain which contains the advanced encryption keys.
Frankly, I'm not sure how the access to the Keychain works either. 😊
So, when the Mac successfully logs into the Apple account for the first time, Apple sends a notification to the other devices that are currently connected to the same Apple ID (similarly to how it sends them the 2FA codes for the new login), and one of them contacts the new device and shares the encryption key with it. Is this the idea?
What if you only have one device attached to your iCloud account, and you're replacing it? Say, you're trading in your old phone for a new one, and you have no Macs or iPads. An obvious workaround would be to add your new phone to your account before removing the old one, but that may not always be an option.
When adding a new device it more or less works as you describe. There’s some wizardry behind the scenes, but that’s the result.
When replacing a single device that you no longer have you will need to authorize that device using a code sent to one of your trusted phone numbers.
Get a verification code and sign in with two-factor authentication - Apple Support
With two-factor authentication, you’ll need a verification code to sign in to your Apple Account on a new device or browser.
After you do that, you will be asked to enter the passcode from the old device. If you know it you are good. If you don’t, you’ll need to use the recovery contact or code to access your data.
I guess this means that the advanced encryption key doesn't actually reside on our devices, as I had understood from Apple's description of the feature. Because in that case it would be irrecoverable in case we had only one device, and it got lost, or damaged, or removed from the account prior to selling it.
If merely knowing the passcode of another device, without also having direct access to that device itself, can get you back in, then the encryption key must reside somewhere in the iCloud - most likely in your Keychain. And the Keychain is probably encrypted in such a manner that the passcode of any authorized device can decrypt its encryption key. Probably similarly to how FileVault works, i.e. having an encryption key that's itself encrypted, and which can be decrypted with the logon password of any authorized user.
I think it makes sense. Thanks!