CYRIL ‘@POD2G’ CATTIAUX & GG (Security Researchers, QuarksLab)

PRESENTATION TITLE: How Apple Can Read Your iMessages and How You Can Prevent It

PRESENTATION ABSTRACT:

Apple’s Commitment to Customer Privacy is available online since the brand appeared in the PRISM affair. At least, one sentence is very questionable: “For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.”

Is it true? No. Can Apple read your iMessages? YES. Do they do it? Unfortunately, we can not answer.

Quarkslab team studied iMessage protocol for quite some time. We will explain the protocol layers, with Push then iMessage itself. With this understanding, we will be able to try to build a MITM attack toward iMessage. We will explain the mandatory conditions for the MITM to succeed. We will take you deep into the crypto used for encryption, authentication and key management. All pieces put together will prove that Apple can technically read your iMessages whenever they want.

Last but not least, we will release a tool for jailbroken devices preventing such MITM attacks.

ABOUT CYRIL ‘@POD2G’ CATTIAUX

Cyril (@pod2g) is a security researcher working for QuarksLab who has discovered and exploited several bootrom exploits on iDevices, including 24kpwn, steaks4uce, and SHAtter, as well as several userland and kernel exploits that have been used in various jailbreak tools. He is the initiator of Corona and Rocky-Racoon, the latests public jailbreaks for iOS. In December 2012, he created the 2G Lab company, focused on software development and security research projects.

ABOUT GG

gg is a security researcher working at Quarkslab since the beginning. He enjoys reverse engineering, math and looking under the hood at algorithms to understand how to tweak them.