>> With a court order if the info can be gotten it should've given up in this case the info cannot be gotten.
>> KLM
>
> Then make it so iCloud info can't be gotten by anyone but the person who put the information there.
> Alice
When your device goes to make an iCloud backup, the data travels to Apple's servers securely (AES-128 encryption and SSL).
But once there, it is presently de-crypted by Apple, then re-encrypted using an Apple-owned secret key.
With an appropriate court order, Apple, in possession of this data, is required to decrypt the data and provide it to law enforcement (it is in Apple's possession, the key to decrypt it is also in Apple's possession, and the work of decryption is therefore trivial).
Although I am sure there are other safe, simple, and secure ways to do this (i.e., increase the security of data in the cloud), my suggestion is this:
Whenever a user sets up an AppleID with Apple, both a public and a private encryption key are generated, and stored on the user's device, connected with that AppleID. When an iCloud backup is initiated — or the storage of ANY user data — it is first encrypted with that public key, then securely transmitted to Apple.
Then the user-encrypted data is stored on Apple's servers. It is never de-crypted — nor *can* it be — until it is back on the user's computer or device, using the user's private key, known only to the user (or, more likely, to the user's computer or device.
This is essentially a mirror of how a device backup is accomplished already, if you told iTunes to back up the device, and told it to encrypt that backup.
While sufficiently complex AES encryption (-128 or higher) is not particularly susceptible to decryption even by the sort of advanced quantum computer that the FBI is likely to have available in 10-15 years, dual-key encryption *IS* susceptible.
But this would nevertheless buy us several years to improve security techniques.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jim Saklad mailto:jimdoc@icloud.com
Posted by: Jim Saklad <jimdoc@icloud.com>
| Reply via web post | • | Reply to sender | • | Reply to group | • | Start a New Topic | • | Messages in this topic (47) |
