|
|
|
|
|
|
by spookthesunset
1816 days ago
|
|
|
How do both parties determine the keys used during a conversation? Are they making heavy use of public key cryptography? If so how? When I send a message to you, do I encrypt it using your public key? What about group messages? Does each conversation get its own key pair? Also it’s interesting they decided to directly hit up google cloud… you’d think they would wrap it so at minimum they could tweak the underlying infrastructure without requiring every client to update. |
|
|
They don’t: public key cryptography is not initially used.
The sender generates a random AES-256 key, applies it in CTR mode and uploads the encrypted blob to GCS.
Every receiving device gets a message with the key, the URI, and the SHA-1 of the blob. These messages are encrypted as usual and sent via APNS (<n>-courier.push.apple.com:5223)
> you’d think they would wrap it so at minimum they could tweak the underlying infrastructure without requiring every client to update
Apple does this: two other endpoints are *.blobstore.apple.com and the Chinese Guizhou-Cloud Big Data.
In my logs blobstore is used less than 1% of the time.