A Few Thoughts on Cryptographic Engineering: Attack of the Week: Apple iMessage
Attack of the Week: Apple iMessage Today's Washington Post has a story entitled "Johns Hopkins researchers poke a hole in Apple's encryption", which describes the results of some research my students and I have been working on over the past few months.
As you might have guessed from the headline, the work concerns Apple, and specifically Apple's iMessage text messaging protocol. Over the past months my students Christina Garman, Ian Miers, Gabe Kaptchuk and Mike Rushanan and I have been looking closely at the encryption used by iMessage, in order to determine how the system fares against sophisticated attackers. The results of this analysis include some very neat new attacks that allow us to -- under very specific circumstances -- decrypt the contents of iMessage attachments, such as photos and videos.
Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage