Secure iMessage name and photo sharing
iMessage Name and Photo Sharing allows a user to share a Name and Photo using iMessage. The user may select their My Card information, or customize the name and include any image they choose. iMessage Name and Photo sharing uses a two-stage system to distribute the name and photo.
The data is subdivided in fields, each encrypted and authenticated separately as well as authenticated together with the process below. There are three fields:
Name
Photo
Photo filename
One of the first steps in creating the data is to randomly generate a record 128-bit key on the device. This record key is then derived with HKDF-HMAC-SHA256 to create three subkeys: Key 1:Key 2:Key 3 = HKDF(record key, “nicknames”). For each field, a random 96-bit Initialization Vector (IV) is generated and the data is encrypted using AES-CTR and Key 1. A message authentication code (MAC) is then computed with HMAC-SHA256 using Key 2 and covering the field name, the field IV, and the field ciphertext. Finally, the set of individual field MAC values are concatenated and their MAC is computed with HMAC-SHA256 using Key 3. The 256-bit MAC is stored along side the encrypted data. The first 128 bits of this MAC is used as RecordID.
This encrypted record is then stored in the CloudKit public database under the RecordID. This record is never mutated, and when the user chooses to change their name and photo, a new encrypted record is generated each time. When user 1 chooses to share their name and photo with user 2, they send the record key along with the recordID inside their iMessage payload, which is encrypted.
When user 2’s device receives this iMessage payload, it notices that the payload contains a Nickname and Photo recordID and key. User 2’s device then goes out to the public CloudKit database to retrieve the encrypted name and photo at the record ID and sends it across using iMessage.
After the message is retrieved, user 2’s device decrypts the payload and verifies the signature using the recordID itself. If this passes, user 2 is presented with the name and photo and they can choose to add this to their contacts, or use it for Messages.