Can Apple decrypt iCloud data of third-party app?

Question

Suppose that a third-party app is encrypted (say, with AES 128), and that this app stores data in iCloud through iCloud Drive. In general, can Apple decrypt this data as it would with data stored in native iOS apps?

Answer 1

If Apple is telling the truth, then they can’t access your data, assuming the third-party app developer doesn’t store your AES key in iCloud. Apple has no way to get at a key stored locally on your device (according to Apple) and no way to decrypt the data without the key (according to everything we know about cryptography).

If Apple is lying, then of course all encryption keys created or used by third-party apps could be secretly transmitted to Apple’s servers so that they can be used to decrypt your data, even if the app thinks it’s only storing them locally.