iMessage encryption stumps US federal agents

A recent investigation conducted by US Drug Enforcement Administration agents has been temporarily derailed after they failed to decrypt messages the targets exchanged via Apple’s iMessage system.

According to an internal DEA note that was leaked to Cnet, the encryption used for the messaging system makes it “impossible to intercept iMessages between two Apple devices,” regardless of the cell phone service providers.

Another problem for law enforcement is these iMessages “are not captured by pen register, trap and trace devices, or Title III interceptions,” which could end up with investigators missing crucial exchanges.

iMessages between an Apple device and a non-Apple device are transmitted as SMS messages and can sometimes be intercepted, and more easily if the intercept is placed on the non-Apple device, adds the memo.

As Dallas De Atley, manager of the platform security team at Apple, shared last year at Black Hat, the iMessage encryption is based on unique identifiers embedded in the hardware, uses a hardware encryption engine, and supports full AES and SHA encryption.

Law enforcement isn’t exactly helpless in cases such as these, as they can get a court order and demand Apple to help them intercept and decrypt the messages.

Still, there is a big push by federal authorities to set legislation that will make all similar communications accessible to them when legally requested.