[_jsn]

"When a user turns on iMessage, the device generates two pairs of keys for use with the service: an RSA 1280-bit key for encryption and an ECDSA 256-bit key for signing. For each key pair, the private keys are saved in the device’s keychain and the public keys are sent to Apple’s directory service"

"The user’s outgoing message is individually encrypted using AES-128 in CTR mode for each of the recipient’s devices, signed using the sender’s private key, and then dis- patched to the APNs for delivery."

Source: http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.p...

When you send an iMessage, you actually send a separate encrypted and signed copy for each recipient device. So, it is possible, but these are the lengths you have to go to.

[codeka]

But they could just inject a "fake" recipient device with their own public/private key and decrypt messages as they transit the system. They might not be able to decrypt messages you've sent in the past, but I can see no reason why they couldn't read messages as you send them if they wanted to (or were required by a wiretapping agency, for example).

I also recall a while ago a researcher who showed that if you forgot your iCloud password, there was a way to get Apple to reset the password and give you access to all your previously-stored data. If they had no way to decrypt your data remotely, that should be impossible.

[_jsn]

On the first point, you're coreect. That's also why you get those extremely annoying modal dialogs each time a device/key pair is added to your iMessage account, because a device added without your knowledge could be used to eavesdrop on you.

[pilif]

You only get that dialog for the devices you add. The public key added by the NSA or Apple themselves does not trigger the dialog.

(explanatory note as the sarcasm in the comment might not have been obvious: I do not know whether such a facility exists in the services or not, so this might or might not be true.

But: The fact that it's possible that this "feature" already exists or can easily be added in the future, potentially even without an update of the client leads me to my current opinion which is that iMessage is not secure and all traffic is open to Apple, rogue employees at Apple and whatever government Apple is cooperating with).

[tehwebguy]

Exactly, you can reset your password and re-download all of your old messages.

[nknighthb]

It is not impossible so long as there is a linked device that has access to the data. Was there a precise accounting of the state of the researcher's icloud account before the reset, and everything done during the reset?