Apple has reportedly revealed exactly how secure its iMessage service is. The iMessage service uses cryptography, which is nothing but a set of distinct codes assigned as specific keys for each message sent and received. Also Read - Beeper app universal chat app will integrate iMessage on Android, Windows
According to TechCrunch,Apple uses public-key cryptography, which is based on a principle that each message has two keys, one for input and other for pickup, and unless someone finds a copy of the pickup key, or find a weakness in the system, there is no way intercept. When a user first enables iMessage, the device creates two sets of private and public keys: one set for encrypting data, and one set for signing data, and if these two keys ever don’t match up, red flags start going off. The public keys are sent to Apple’s servers, while private keys are stored on the device.
When someone starts an iMessage conversation, they fetch a user’s public key(s) from Apple’s servers and before that message leaves the sender’s device, it’s encrypted into something that only the device knows how to decrypt.
A user gets one set of keys for each device they add to iCloud, and each iMessage is encrypted independently for each device and stored on Apple’s servers accordingly.
The report said that while some data like the timestamp and APN routing data is not encrypted, all of the independently encrypted/non-encrypted data is encrypted as a whole package, on the trips between a device and Apple’s servers. Apple doesn’t have any backdoor access to the iMessages sitting on its servers, tucked into their many-layers-deep encryption. The company can’t read them without a fairly insane amount of effort.