Let's assume the following situation:
- My device gets stolen and my keychain keys (including iMessage encryption and signing keys)
- I reactivate my iMessage account and new iMessage keys are generated.
As far I know, iMessage client sends the every public key to apple, so when someone send me message my message will be encrypted with each public key ever associated with my account.
If someone sniff on my messages and because they have my old keys, can they read my messages?
Is there way to manage my iMessage keys associated with my iMessage account?
Best Answer
TL;DR
Long Answer
The detail of this is mostly covered by Apple's iOS Security Guide which describes the mechanism iMessage uses in detail, see excerpt below.
The basics of the section above is this:
If your lost/stolen phone is no longer associated with your iCloud account (because you removed it) then the sender's phone would not receive a public key from Apple with which to encrypt a message for that device so a copy of that message would not be sent to your lost/stolen device which renders the keys on that device useless, so even if someone managed to pull your iMessage keys from the device, as long as that device isn't registered to you anymore they'll never receive a message that can be decrypted with them.
If you haven't removed the device from iCloud then sniffing on the connection between your device and Apple's servers
shouldn't be possiblewill be very difficult since it's done over a forward-secret TLS connection and the connection would fail if the device did not get a valid TLS certificate signed by the expected Certificate Authority which should make it difficult to perform a Man-In-The-Middle-AttackIf your phone was not deactivated with Find My iPhone and you did not change your iCloud password then the thief could just use your lost phone to read your messages as you would expect, however if you follow Apple's instructions for lost iPhones then the phone would either be inaccessible and/or not receive new messages, they have no way to extract your iMessage keys from your iPhone so they can't just put them on another device and if you put the phone in Lost Mode they can't even get into it to read your old messages without a passcode. There is no way for you to directly manage your iMessage keys, they are managed under the covers by the devices registered to your iCloud account. When you remove a device from iCloud Apple will no longer send that device's public keys out when an iMessage sender asks Apple to send you a message. The keys on the device no longer matter as no new messages would be encrypted with the public keys so no new messages can be decrypted with the private keys on the device. It is then down to your device security (passcode/touch-ID and on-device encryption) to protect the contents of the phone i.e. your old messages.
You can also read about some ideas on weaknesses in this security model at the links below:
https://blog.quarkslab.com/imessage-privacy.html https://blog.cryptographyengineering.com/2015/09/09/lets-talk-about-imessage-again/
UPDATED
I've added this section to address specific concerns of the OP on the iMessage key-thief sniffing their network.
You seem particularly concerned about the following scenario;
Your iPhone has been stolen (or hacked) and is now back in your possession but your iMessage keys have been stolen by a thief who is now going to sniff the network your phone is on so that they can read your messages.
Let's firstly say straight off the bat that what you are worried about is entirely possible, since anything is possible, and any system can be hacked with enough time and effort unless it is completely powered off (battery out and unplugged) and never connected to a network. So with that out of the way, let's explore how likely this is. In order for someone to obtain your iMessage keys and sniff your network to read your messages here's a list of what would need to happen.
Frankly, all of the above is incredibly complex and unless you're Edward Snowden, or some other Enemy of the State I don't think anyone could be bothered that much to read your messages
:op