{"id":23461,"date":"2023-11-27T10:30:09","date_gmt":"2023-11-27T18:30:09","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/11\/27\/news-17191\/"},"modified":"2023-11-27T10:30:09","modified_gmt":"2023-11-27T18:30:09","slug":"news-17191","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/11\/27\/news-17191\/","title":{"rendered":"What is Contact Key Verification and how is it used?"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/idge\/imported\/imageapi\/2023\/01\/24\/16\/apple-security-100936651-small.jpg\"\/><\/p>\n<p>Many business professionals require <a href=\"https:\/\/www.computerworld.com\/article\/3711160\/nothing-proves-apples-arguments-against-the-eus-dma.html\">highly secure messaging solutions<\/a>, particularly when they travel. Apple\u2019s iMessage will soon offer a new secure identity verification system enterprise professionals might find useful. It\u2019s called <a href=\"https:\/\/www.computerworld.com\/article\/3687636\/how-to-use-apples-advanced-icloud-security-tools.html\">Contact Key Verification<\/a>.<\/p>\n<p>Apple actually announced the system in 2022. 
It is now expected to go live across the Apple ecosystem with the release of iOS 17.2 and updates for Macs and iPads.<\/p>\n<p>Contact Key Verification is \u201cdesigned to detect sophisticated attacks against iMessage servers and allow users to verify that they\u2019re messaging only with whom they intend,\u201d Apple has said.<\/p>\n<p>Apple says its system is for the same essential group of people it already protects with <a href=\"https:\/\/www.applemust.com\/how-to-use-lockdown-mode-on-your-iphone-ipad-and-mac\/\" rel=\"nofollow noopener\" target=\"_blank\">Lockdown Mode<\/a>\u00a0\u2014 that is, \u201cusers who face extraordinary digital threats, such as journalists, human rights activists, and members of government.\u201d<\/p>\n<p>While iMessage chats are end-to-end encrypted, that security relies on a third-party \u201cKey Directory Server\u201d to authorize devices. That makes the Key Directory Server a potential target for criminals and surveillance.<\/p>\n<p>The problem comes in the event a powerful entity manages to compromise the security protection of that server; once they have done so, it becomes possible to intercept or monitor messages, or even enter the conversation. (This could be a particular concern for people in politics, human rights activists, journalists, businesspeople and others.)<\/p>\n<p>Contact Key Verification helps secure the transaction.<\/p>\n<p>What this means for a user is that Contact Key Verification lets you add a manual verification step inside an iMessage conversation to confirm the person you are speaking with is who their device claims they are.<\/p>\n<p>As we know, iMessage&#8217;s end-to-end encryption means only the sender and recipient of a message can read it. This is achieved because each device in a user\u2019s iMessage account has its own set of encryption keys that are never used on anything else. 
When a person wants to share an iMessage, the system consults the key directory service to authorize the devices so they can communicate; that\u2019s the vulnerability that might be exploited (as shown above).<\/p>\n<p>To resolve this, iMessage Contact Key Verification uses a mechanism called\u00a0<a href=\"https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity15\/sec15-paper-melara.pdf\" rel=\"nofollow noopener\" target=\"_blank\">Key Transparency (KT)<\/a>. Apple explains this \u201cuses a\u00a0<a href=\"https:\/\/github.com\/google\/trillian\/blob\/master\/docs\/papers\/VerifiableDataStructures.pdf\" rel=\"nofollow noopener\" target=\"_blank\">verifiable log-backed map<\/a>\u00a0data structure, which can provide cryptographic proofs of inclusion and be audited for consistency over time.\u201d \u00a0That\u2019s the function of the spoken code word exchanged between two trusted parties.<\/p>\n<p>Apple has a tech note describing the cryptographic tools used to enable this security protection <a href=\"https:\/\/security.apple.com\/blog\/imessage-contact-key-verification\/\" rel=\"nofollow noopener\" target=\"_blank\">available here<\/a>.<\/p>\n<p>If a device in the chain detects a validation error, the person owning the device that spots the problem will be notified about the error directly in the Messages conversation transcript.<\/p>\n<p>Once Apple ships iOS 17.2, you\u2019ll be able to enable Contact Key Verification within Settings. Here you should tap your name to access your Apple ID settings.<\/p>\n<p>Once you have set up the system, you will have your own personal verification code accessible from within Settings. This is unique to you and your device and will be required to secure any future iMessage communication with others.<\/p>\n<p>No. 
Contact Key Verification will not work with SMS messaging \u2014 so if you see a green bubble, you cannot assume the communication is secure.<\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3711340\/what-is-contact-key-verification-and-how-is-it-used.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.idgesg.net\/images\/idge\/imported\/imageapi\/2023\/01\/24\/16\/apple-security-100936651-small.jpg\"\/><\/p>\n<article>\n<section class=\"page\">\n<p>Many business professionals require <a href=\"https:\/\/www.computerworld.com\/article\/3711160\/nothing-proves-apples-arguments-against-the-eus-dma.html\">highly secure messaging solutions<\/a>, particularly when they travel. Apple\u2019s iMessage will soon offer a new secure identity verification system enterprise professionals might find useful. It\u2019s called <a href=\"https:\/\/www.computerworld.com\/article\/3687636\/how-to-use-apples-advanced-icloud-security-tools.html\">Contact Key Verification<\/a>.<\/p>\n<h2><strong>What is Contact Key Verification?<\/strong><\/h2>\n<p>Apple actually announced the system in 2022. 
It is now expected to go live across the Apple ecosystem with the release of iOS 17.2 and updates for Macs and iPads.<\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,10480,10403,15547,5897,714],"class_list":["post-23461","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-ios","tag-macos","tag-messaging-apps","tag-privacy","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23461","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23461"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23461\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23461"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23461"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}