More on iCloud Backups and Encryption

Last week, I linked to Rene Ritchie’s piece and argued that device backups in iCloud should have the option of being encrypted. iTunes offers a similar option. Laurent Boileau pointed me to this Apple knowledgebase article, which indicates that device backups are encrypted in iCloud. I revised my link with a correction:

Past Apple documentation claimed that device backups in iCloud were encrypted, but that didn’t include some user data like Notes, iMessages, and SMS messages. I don’t know why I didn’t verify this before posting, but I apologize for the error.

Now, I’m correcting the record yet again, because I think I was right the first time: iCloud backups may be encrypted, but not in the same way that iTunes backups are.

Michael Tsai in a February 2014 link:

I still think this is misleading because it ignores the fact that iCloud backups are encrypted with a key that’s in Apple’s possession. We know this because you can buy a new iPhone and restore your backup simply by entering your Apple ID and password. And we know that your password itself is not the key because Apple’s support people can restore your account access if you forget your password.

This runs counter to the expectations in Apple’s security guide (PDF). Page 16, under the “Keybags” heading:

Backup keybag is created when an encrypted backup is made by iTunes and stored on the computer to which the device is backed up. A new keybag is created with a new set of keys, and the backed-up data is re-encrypted to these new keys.

And page 17:

iCloud Backup keybag is similar to the backup keybag. All the class keys in this keybag are asymmetric (using Curve25519, like the Protected Unless Open Data Protection class), so iCloud backups can be performed in the background. For all Data Protection classes except No Protection, the encrypted data is read from the device and sent to iCloud. The corresponding class keys are protected by iCloud keys.

It also differs from the expectations set by that knowledgebase article, which says that iCloud “always encrypts your backups” while iTunes “offers encrypted backups (off by default)”.

My — admittedly, entry-level — understanding of everything I’ve read about this is that device backups are, indeed, encrypted in iCloud but users don’t hold the keys — Apple does. The comparison they make to iTunes in that knowledgebase isn’t fair because encrypted backups made using iTunes are entirely in the user’s control, while encrypted backups made using iCloud are in Apple’s control.

I should have been clearer in my initial link to Ritchie’s article: iCloud should offer an encrypted device backup option that is tied to an Apple ID, or to a secondary device. That means that if a user were to change their Apple ID password, the backup would become invalid and a fresh one would need to be created, but it also makes iCloud backups that much safer.
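The custody difference argued above, as an added example that is not from the original post or from Apple: a simplified Python model in which a backup key is wrapped either under a key derived from the user's password or under a key the provider holds. The HMAC-based wrap, the function names and the passwords are constructed stand-ins, not Apple's keybag design.

```python
import hashlib, hmac, secrets

def kdf(password: str, salt: bytes) -> bytes:
    # Derive a 32-byte key-encryption key (KEK) from a password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _pad(kek: bytes, nonce: bytes) -> bytes:
    return hmac.new(kek, b"pad" + nonce, hashlib.sha256).digest()

def _tag(kek: bytes, nonce: bytes, ct: bytes) -> bytes:
    return hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()

def wrap(kek: bytes, key: bytes) -> bytes:
    # Toy authenticated wrap of a 32-byte key (assumption: stands in for
    # a real key-wrap cipher; do not reuse outside this illustration).
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(key, _pad(kek, nonce)))
    return nonce + ct + _tag(kek, nonce, ct)

def unwrap(kek: bytes, blob: bytes):
    # Return the wrapped key, or None when the KEK is wrong.
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _tag(kek, nonce, ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, _pad(kek, nonce)))

def simulate(old_pw="correct horse", new_pw="reset-by-support"):
    backup_key = secrets.token_bytes(32)    # key that encrypts the backup data
    salt = secrets.token_bytes(16)
    provider_key = secrets.token_bytes(32)  # lives on the provider's servers

    user_blob = wrap(kdf(old_pw, salt), backup_key)  # user-held custody
    provider_blob = wrap(provider_key, backup_key)   # provider-held custody

    return {
        # Password forgotten and reset: only the new password is available.
        "user_held_after_reset": unwrap(kdf(new_pw, salt), user_blob) == backup_key,
        "user_held_with_old_pw": unwrap(kdf(old_pw, salt), user_blob) == backup_key,
        # The password only authenticates; the provider unwraps with its own key.
        "provider_held_after_reset": unwrap(provider_key, provider_blob) == backup_key,
        # Without the password, the provider's key does not open the user-held blob.
        "provider_reads_user_held": unwrap(provider_key, user_blob) == backup_key,
    }

if __name__ == "__main__":
    for name, ok in simulate().items():
        print(f"{name}: {ok}")
```

A backup that still restores after a password reset corresponds to the provider-held rows; the user-held rows show the trade-off of losing the backup when the password changes.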

I think I got this right this time, but please do let me know if I goofed again.