Officials at the Justice Department have reportedly considered suing Apple to force it into providing an iMessage wiretap.
The New York Times on Monday reported that Apple was served a court order by the Justice Department this summer over an investigation involving drug and gun crime, demanding it provide real time access to text messages sent between suspects using iPhones.
Apple reportedly said its iMessage system was encrypted and, as a result, it couldn't comply with the order. Consequently, the company can't provide the same interception capabilities to law enforcement officials under US wiretap laws as telecoms operators can.
Apple's apparent defiance came amid calls this summer from the FBI director James Comey for a master key to bypass end-to-end encryption, where companies such as Apple and WhatsApp that offer messaging services don't have access to the decryption keys. Instead, encryption and decryption occurs on the devices.
In response, Apple CEO Tim Cook argued earlier this year that forcing the company to provide a master key would be "incredibly dangerous" and would be like putting a "key under the mat for the cops" that a burglar could find too. Master keys can leak too, as a Washington Post story about the Transport Security Agency's physical master keys recently demonstrated.
Apple also doesn't keep copies of users' messages unless they're backed up to iCloud, where they're not encrypted. The New York Times report notes that Apple did turn over some stored iCloud messages in the investigation, though not the real-time texts the FBI wanted.
According to the report, Apple's reasoning has prompted calls within the Justice Department and the FBI to take Apple to court. However, those plans are on hold and officials believe that winning a case would be a long shot.
Despite Apple's claims that it cannot provide a wiretap on iMessage, Nicholas Weaver, a computer security researcher at the International Computer Science Institute in Berkeley, last month outlined why Apple does in fact support wiretapping in iMessage. That's due to the central key server used to handle public keys and the fact that devices don't have a way to independently confirm that the server provides the correct key for the intended participants.
As Weaver explains: "When Alice wants to send a message to Bob, Alice's iPhone contacts Apple's keyserver, a central authority which knows everyone's public keys, and asks 'I am Alice, please tell me all my public keys' and 'I am Alice, please tell me all of Bob's public keys'. Then Alice's phone encrypts the message with all the public keys and sends the result to Apple, which forwards the encrypted messages onto everyone's devices. Since only the devices know the corresponding private keys and not appleID, Apple claims this is 'end-to-end' secure."
"But there remains a critical flaw," he continued. "There is no user interface for Alice to discover (and therefore independently confirm) Bob's keys. Without this feature, there is no way for Alice to detect that an Apple keyserver gave her a different set of keys for Bob. Without such an interface, iMessage is 'backdoor enabled' by design: the keyserver itself provides the backdoor."
In order to tap Alice, the keyserver can be modified to create an FBI key for Alice that's presented to her. As a result, the FBI can decrypt all the messages she receives. To tap Alice's outgoing messages, an FBI key can be added to every request she makes for other people's keys.