Marcel Ackermann

@dreamflasher

Encrypted Instant Messaging Recommendations January 2017

tl;dr: Encrypt all your online (IM) communication, there is no good reason anymore to not do it. Use a XMPP+Omemo client (Conversations on Android, ChatSecure on iOS and Gajim for Windows/Mac/Linux). Don’t be fooled by companies who use security as a marketing buzzword (especially don’t use WhatsApp, Facebook and Telegram).

In this post I focus on a small subset of security: Encrypted Instant Messaging. I’ll talk about other important issues in other posts. It’s important to me because I see a huge gap between what people do, what they care about and what they are not aware of. It’s just the biggest potential I see for people, where they can have the easiest the most impact.

Why should you care?

Why should you care about protecting your communication and generally your data?

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” — Edward Snowden

https://en.wikipedia.org/wiki/Nothing_to_hide_argument

The right to privacy is the right to self. You “own” you. You decide when you want to share you and when you don’t.

Here’s a long list of arguments, unfortuantely in German, if you have a similar list in English, please let me know in the comments: https://wiki.piratenpartei.de/Ich_habe_nichts_zu_verbergen!

Or to make it less abstract: Would you mind giving me your email password? No? Why not? I thought you have nothing to hide?

Why is it more important to you that I can’t read all your emails than Merkel, Trump and Zuckerberg?

Why do you trust Trump more than me?

And yes, this is real, computers are actually reading your unencrypted communication (email and chat). And then when there are “investigations” many humans, police, politicians, security agencies can drill down and read every single of your email just because you wrote an email with someone 10 years ago who was potentially involved in a crime now. That is exactly what a lot of the fuzz with Snowden was about. https://en.wikipedia.org/wiki/PRISM_(surveillance_program)

I hope until now you are conviced that you want to encrypt your communication. Don’t fear, the great thing is, that since 2016 it is significantly easier than it was before. It is actually now so easy that anybody can do it. Yes, my mom is sending me encrypted messages.

The great news is that this does not mean any overhead in your communication, you only need to install a new app. I will compare different possibilities and will rank them by justified reasons for the ranking.

What you should be aware of is that you make two choices at the same time, when you pick an IM client: One the one hand the client itself, on the other hand the protocol which this client uses. That means you will only be able to communicate with people that use a client that speaks the same protocol as your client.

I thought how to present that decision the best and decided that often protocols and applications are still coupled and that for now the best is to have one list and not split it up into two lists. So next I will give you a list of important characteristics of protocols and applications, by which you can determine if a protocol/application is good or not a list of protocol recommendations and the characteristics you could (and maybe should ;)) care about when deciding for a protocol.

Decision Criteria

  • Open source (clients and protocol): You can’t trust any closed source encryption, yes it’s that simple. Reason: How can you tell the difference that they just show you a lock in the UI instead of really doing encryption? Yes, you can’t. Nobody can. You don’t believe me that companies would never be so dishonest to do that? Have a look here: https://hannover.ccc.de/~nexus/bubcon/bubcon.html (summary: They advertise security and then there is no security in it) — you are saying big companies would never do that? Most of them are forced to: https://en.wikipedia.org/wiki/National_security_letter — so open source is the main criterion, everything which is not open source can’t be recommended. Of course, just having a protocol and clients open source is not sufficient, also there are ideally several security audits. I will include apps which require a closed source server, because theoretically it is sufficient that the clients are open source if the end-to-end encryption is proovable sufficient. Nevertheless it’s “nicer” also it does not comply with the next criterion.
  • Federation/Decentralization: Think about email. If you are using gmail, you can send emails to people how use hotmail or yahoo. It would be crazy if you couldn’t send them emails, right? Why do you accept that with instant messaging? If you are using Whatsapp you can only talk to Whatsapp users, stupid, isn’t it? A consequence of having everything (clients and protocol) open source and federation is that users have the choice of clients and thus can swith from (email example) yahoo to gmail, if they notice they get a better experience at gmail.
  • Group chat: You want to be able to chat with a group of friends, right?
  • Multi-device: You want to be able to chat from your two phones and three computers and switch seemless between them, right?
  • Offline messages: Yes, there have been protocols in the past which did not support that you can send messages when the other person is currently offline, stupid heh?
  • Recently security audited: Open source is nice, but when nobody actually does a proper security audit nobody knows if the crypto is actually worth anything. EFF gives a green flag on that if the last code audit has been in the last 12 months.
  • Systems support (of the protocol): See federation, you want that there exist usable clients for all major operating systems and browsers (Linux, Android, MacOS, iOS, Windows, Firefox, Chrome). I will use the following rating scheme: An app starts with 5* and for each completely missing OS (iOS, Android, Linux, MacOS, Windows) it loses 2 stars (while supporting any browser counts), supporting only browser or only desktop is one star off, and if the client with the highest usability <4 in an OS it’s also 1 star off.
  • Anonymity: For a fair amount of people it is important that they can stay anonymous, that means that their IM account is not couple to a phone number or email.
  • Usability: You want your user experience to be great. This also includes that sending files and images is nice and easy. I’ll give a 5 star rating from my own experience, feel free to apply your own judgement and run the calculation of the ranking.
  • Fingerprint/Key verification: This is the only majorly important thing about encryption which has not been properly solved so far. This would require it’s own article, but let me try in a few sentences anyways: You somehow need to find out that you are actually talking to the person you think you are talking to. Otherwise an attacker can just claim they are the person you actually want to talk to, and gone is your encryption. So how to you find out if you are talking to the right person? You need to manually verify that the key or fingerprint of the contact shown in the app matches with their actual fingerprint/key. In order to verify that you need to use an existing trustworthy communication channel. For example meeting in person, calling via phone, web of trust, or social media (in the hope an attacker doesn’t have access there). There are huge differences in usability on how to achieve this and require this fingerprint verfication from users. I will give a personal rating of 5 stars on how I judge the usability and process to encourage users doing that.
  • Perfect Forward Secrecy (PFS): If your key gets compromised, the attacker is not able to decrypt past communication.

Protocol rating follows this rating scheme: Supports federation/decentralization, group chat, multi-device, offline messages, forward secrecy, anonymity and is audited. The rating is 5 minus number of missing attributes, this rating gets double the weight. Yes, technically not all attributes are really protocol attributes, but it’s part of the package you get, so that’s why I include it in this rating and not to overcomplicate things.

Ranking, as of January 2017

Encrypted/Secure IM Ranking, as of January 2017

Recommendations

XMPP+Omemo (Conversations, ChatSecure, Gajim): My recommendation (as of January 2017). XMPP has a long success history and is extremely well standardized and supported, unfortuantely so far not that many clients picked up on Omemo (status page). And the only desktop client (Gajim) only has a very mediocre usability. Also Gajim is difficult to set-up, and while Conversations is amazing it costs either 3€ in the Android store or one has to install it via F-Droid, which is then also a hassle to set-up. So even my current recommendation is by far not perfect. But it’s the best you currently get and it is by far better than what was available in 2015. 
Signal: Until November 2016 this has been my recommendation because Riot didn’t support Olm e2e encryption until then and there was no XMPP+Omemo client for iOS until January 2017. As of January 2017 I don’t recommend Signal anymore, because XMPP+Omemo and Riot are better alternatives. Also it has a bunch of glitches/bugs with notifications and duplicate messages.

Not recommended

because they are closed source:
Whatsapp, Facebook, Skype, Google Hangouts, Google Allo, Facetime, QQ Mobile, WeChat, Viber, LINE, Blackberry Messenger, Threema, TrustCase, whistle.im

because there is no security audit:
Wire, RetroShare, Tox, Surespot
 
because the protocol is crap (doesn’t support either group chat, multi-device or offline messages):
OTR, Telegram*, Silent Phone, Tox, Ricochet, Surespot

* yes, believe it or not, Telegram does not provide encrypted group chat and multi-device. They are actually one of the apps/companies for which the warning “don’t be fooled” holds very much true: Yes, they provide e2e encryption, but only if you explicitely start it and then only between exactly two mobile devices (no, desktop and browser not supported). Also they are a good example why it’s generally a bad idea to invent your own cryptography: http://www.cryptofails.com/post/70546720222/telegrams-cryptanalysis-contest

Appendix

I invested a considerable amount of time collecting the information presented in this article from various resources. This reflects my current state of knowledge. I open up everything I wrote here to debate, and I am more than happy to update my knowledge, believes and this article when presented with new, reasonable information. This being said I provide the following SLA: I will read every comment until May 2017 and will update the article if necessary.

References

I used a lot of information from (and also updated):

https://en.wikipedia.org/wiki/Comparison_of_instant_messaging_clients#Messengers_with_client-to-client_encryption

Security Audits

Omemo (used by Conversations, ChatSecure, Gaijm): https://conversations.im/omemo/audit.pdf

Olm (used by Riot): https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last/

Signal: https://eprint.iacr.org/2016/1013.pdf

Cryptocat: https://leastauthority.com/static/publications/LeastAuthority-Cryptocat-audit-report.pdf

Ricochet: https://ricochet.im/files/ricochet-ncc-audit-2016-01.pdf

According to https://www.eff.org/de/node/82654 there has been a recent audit for: Signal, Silent Phone, Telegram, OTR (Pidgin) and ChatSecure.

Hacker Noon is how hackers start their afternoons. We’re a part of the @AMIfamily. We are now accepting submissions and happy to discuss advertising &sponsorship opportunities.
To learn more, read our about page, like/message us on Facebook, or simply, tweet/DM @HackerNoon.
If you enjoyed this story, we recommend reading our latest tech stories and trending tech stories. Until next time, don’t take the realities of the world for granted!
Topics of interest

More Related Stories