Apple has introduced “Contact Key Verification.” This groundbreaking feature aims to fortify user privacy and identity verification against evolving threats using state-of-the-art cryptographic methods and Key Transparency.
Contact Key Verification is designed to help detect sophisticated attacks on iMessage servers while allowing users to verify the identity of their communication partners. This feature directly addresses vulnerabilities associated with key directory services, a critical aspect of secure communication.
Typically, key directory services map user identifiers to public keys. However, these services can become a single point of failure if compromised. Contact Key Verification provides a more secure way to verify the identities of communication partners.
To address these issues, Apple has implemented Key Transparency (KT), a mechanism similar to Certificate Transparency. KT uses a verifiable log-backed map data structure that allows cryptographic proofs and audits for consistency over time. This approach offers scalability and user privacy, going beyond the limitations of the existing key directory system.
Apple’s implementation introduces an account-level ECDSA signing key, generated and stored on the user’s device in iCloud Keychain. This synchronized account key is used by devices to sign iMessage public keys, with data stored in the Identity Directory Service (IDS) database and synchronized with the Key Transparency service.
When users enable Contact Key Verification, their devices automatically and cryptographically verify the data presented by IDS against the KT map. Any inconsistencies trigger user notifications. Users’ devices also periodically verify the data, ensuring consistency across all their devices.
Apple has incorporated a manual contact verification feature using shortcodes, providing an additional layer of security for users who require it. This verification process extends to all users’ devices, maintaining consistency when signing in on new devices. Public verification codes have been introduced for users with public personas, guaranteeing the accurate verification of their contact keys.
Apple’s implementation includes on-device verification of critical append-only logs for user control and security. The Messages app verifies log consistency, mitigating potential compromises of the KT service.
Apple will soon launch Key Transparency, including internal auditing across production trees. More details about public auditing will follow. iMessage Contact Key Verification is available in developer previews of iOS 17.2, macOS 14.2, and watchOS 10.2, promising enhanced security for Apple’s messaging platform.
With Contact Key Verification and Key Transparency, Apple is taking a bold step towards ensuring the privacy and security of iMessage users in an ever-evolving digital landscape.