These days it is essential that your communications are encrypted in some way, but not all encryption protects the same things. The most common form, which this guide calls Link Encryption (the TLS/HTTPS connection used by Gmail, the HTTPS version of Facebook, Outlook and so on), only protects a message while it travels between your device and the provider's servers; once it arrives at Gmail, Facebook or Outlook, the provider can read it. The two types of encryption that matter here are End-to-End Encryption (E2EE) and Link Encryption. We will look at the difference between them, identify messaging and calling services that use E2EE, and explain how to use them properly.
End-to-End Encryption vs Link Encryption
With Link Encryption there are two devices and a central server in between. Each device has an encrypted connection to the server, not to the other device, so the server must decrypt every message in order to read the address and route it, then encrypt it again for the next hop. The weakness is that the service sees your messages in the clear, and will very likely store them on its servers. Between servers the message may also be passed along unencrypted before it is finally delivered to the intended recipient.
End-to-End Encryption largely takes the central server out of the equation. The contents of a message are encrypted and decrypted only on the devices taking part in the conversation; the server receives an opaque ciphertext plus just enough unencrypted addressing information to know where to deliver it. Neither the service nor anyone running the network can read the contents; only the people in the conversation can. If a government asks an E2EE service for the contents of a message, the service has nothing to hand over, because it never held the key. Note that E2EE protects the contents, not the traffic pattern: the server still learns who is messaging whom, and when. In practice E2EE apps also use Link Encryption for the connection to their servers, so an eavesdropper on the network sees neither the contents nor the addressing information; that combination still does not hide the addressing information from the server itself.
E2EE is also far harder to attack, because the keys that protect a conversation exist only on the participants' devices. If the two people check each other's public keys, they can be sure their messages are reaching the intended recipient and no one else. Link Encryption offers no such check: you only ever verify the server's certificate, and there is no key belonging to your recipient for you to compare. More on this under Man in The Middle Attacks below.
Traditionally, E2EE for email has meant PGP or S/MIME (which uses X.509 certificates). PGP in particular has earned a reputation for being hard to set up and hard to understand, even though it remains one of the most secure ways to send an email. Happily, E2EE messaging apps are now becoming popular and do not require any knowledge of public key cryptography to operate. Usually it is as simple as both people installing the same application, which E2EE requires anyway, since both ends must run the same protocol.
Examples of Link Encrypted Services
- HTTPS websites (padlock in the browser indicates a website is encrypted using HTTPS)
Examples of End-to-End Encrypted Services
- PGP (email)
- S/MIME (email, using X.509 certificates)
- Signal (messaging and calls)
- WhatsApp (messaging, since April 2016)
- iMessage (between Apple devices only)
With that out of the way, let's look at which E2EE messaging services I can recommend and how to use them effectively.
I recommend the Signal app from Open Whisper Systems for iOS and Android. On Android, Signal can replace the default messaging app; on iOS it is a standalone app, because Apple does not let third-party apps handle SMS. On top of that, Signal supports audio and video calling, group conversations and file exchange, and it is free. Signal can only send encrypted messages to other Signal users, so on Android a message to someone who is not using Signal is sent as a standard unencrypted SMS/MMS. On Android you can tell whether Signal will use E2EE with a particular contact by the padlock next to the phone icon:
In both screenshots, note the call icon at the top right. If it has a padlock, the contact is using Signal and all messages and calls with them use E2EE. If there is no padlock, as in the right-hand picture, the recipient is not using Signal and the message will be sent as unencrypted SMS/MMS. The padlock shown on individual message bubbles likewise indicates that the message was sent encrypted. iOS users only ever message other Signal users through the Signal app, so on iOS there is nothing to check: all messages and calls use E2EE.
As of 5 April 2016, WhatsApp has rolled out E2EE based on Open Whisper Systems' Signal Protocol. With over a billion users worldwide and E2EE enabled by default, WhatsApp is another good option for secure messaging. Note, however, that many WhatsApp users have not updated their app since 5 April. To check whether your messages to a contact will be end-to-end encrypted, open their contact info and look for the padlock:
If you see an open padlock, E2EE is not in use, and the contact must update their app before it can be.
Man in The Middle Attacks (E2EE)
To understand Man in the Middle attacks we need the basics of encryption, in particular public key encryption. Read more in my article: What is Encryption & How is it Useful? Knowing the basics of public key encryption is not required to use E2EE messaging apps, but it helps you understand what the apps protect and how to defend against certain threats. To recap: a public key encrypts messages, and only the matching private key decrypts them.
In the context of E2EE, a Man In The Middle Attack (MITMA) is an attacker substituting their own public key for your recipient's (and for yours) during the key exchange that E2EE apps perform. You then unknowingly encrypt to the attacker's key, so the attacker, not your intended recipient, can decrypt your messages. To avoid detection, the attacker re-encrypts each message with your recipient's real public key and forwards it, so both of you see a perfectly normal conversation. The attacker has to sit where the keys pass through, which in practice means the service's own servers or someone able to impersonate them. The defence is to verify your recipient's public key and have them verify yours. Using WhatsApp as an example, tap the lock (pictured above) and a QR code and a string of digits, the security code, will display (pictured below).
To verify your contact's public key, compare this QR code or string of numbers with what your contact's app shows for you, ideally over a channel other than the app itself: scan the QR code in person, send the number over another messaging service, or read it out during a phone call. Checking keys over a different channel than the one you are securing is known as Out-of-Band verification. If you go the phone call route, read out every single digit and have your contact compare them all: a substituted key produces a different code, and you cannot know in advance which digits will differ. You only have to do this once, because WhatsApp has a setting that warns you when a contact's key changes. To enable it, go to Settings -> Account -> Security and turn on "Show Security Notifications."
Signal's main way to verify keys is to call the contact using Signal (on Android, make sure the padlock is on the phone icon). Your screen should look like this on Android; the iOS version is fundamentally the same:
Note the two words where the screenshot says "classroom pedigree." At the start of the call, read them out and check that they match the words shown on your recipient's screen. If they match, the call is going directly to them. If the words differ between you and your recipient, a man-in-the-middle may be intercepting the call.
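As an added example (not code from the original post, nor from Signal or WhatsApp), the following Python models both points made above: the relay in the Link Encryption vs E2EE comparison, and the man-in-the-middle on the key exchange together with the out-of-band fingerprint check that exposes it. The Diffie-Hellman group, the HMAC-based cipher, the 60-digit safety-number layout, and the names Alice and Bob are illustrative choices; real apps use X25519 and the Signal Protocol, and their fingerprint derivations differ from this one.

```python
"""Toy model of E2EE: a key exchange, a man-in-the-middle on it, and the
out-of-band fingerprint check that catches it. Constructed for illustration;
real apps use X25519 and the Signal Protocol, not this group or cipher."""
import hashlib
import hmac
import secrets

# 1024-bit MODP group 2 from RFC 2409, generator 2 (too small for real use).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2

def keygen():
    priv = secrets.randbelow(P - 2) + 1  # returns a (private, public) DH pair
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    # Hash the DH shared secret into a 32-byte symmetric key.
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(128, "big")).digest()

def fingerprint(pub):
    # 60-digit safety number in groups of five; the layout mimics the apps, the derivation is ours.
    n = int.from_bytes(hashlib.sha256(pub.to_bytes(128, "big")).digest(), "big")
    digits = f"{n % 10**60:060d}"
    return " ".join(digits[i:i + 5] for i in range(0, 60, 5))

def _keystream(key, nonce, length):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((length + 31) // 32))[:length]

def encrypt(key, plaintext):
    # Encrypt-then-MAC: XOR with an HMAC-SHA256 keystream, then tag the result.
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + body + hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

class HonestRelay:
    """The E2EE server: forwards keys and ciphertext untouched. It learns who
    talks to whom, but never holds a key that opens the message bodies."""
    def __init__(self):
        self.captured = []  # plaintext the server managed to read
    def forward_key(self, owner, pub):
        return pub
    def forward_msg(self, sender, recipient, blob):
        return blob

class MitmRelay(HonestRelay):
    """A compromised server: hands each party a key it controls instead of the
    peer's real key, then decrypts and re-encrypts so both ends stay unaware."""
    def __init__(self):
        super().__init__()
        self.fake_priv = {}  # owner -> private half of the key substituted for theirs
        self.real_pub = {}   # owner -> the public key the owner actually sent
    def forward_key(self, owner, pub):
        priv, fake_pub = keygen()
        self.fake_priv[owner], self.real_pub[owner] = priv, pub
        return fake_pub
    def forward_msg(self, sender, recipient, blob):
        plaintext = decrypt(shared_key(self.fake_priv[recipient], self.real_pub[sender]), blob)
        self.captured.append(plaintext)
        return encrypt(shared_key(self.fake_priv[sender], self.real_pub[recipient]), plaintext)

def run_conversation(relay, message=b"meet at 7"):
    """Alice and Bob exchange keys through `relay`, then Alice messages Bob.
    Returns what Bob read, whether the fingerprint check passes, and whether
    the server got the plaintext."""
    (a_priv, a_pub), (b_priv, b_pub) = keygen(), keygen()
    bob_pub_as_alice_sees_it = relay.forward_key("bob", b_pub)
    alice_pub_as_bob_sees_it = relay.forward_key("alice", a_pub)
    k_alice = shared_key(a_priv, bob_pub_as_alice_sees_it)
    k_bob = shared_key(b_priv, alice_pub_as_bob_sees_it)
    delivered = decrypt(k_bob, relay.forward_msg("alice", "bob", encrypt(k_alice, message)))
    # Out-of-band check: Alice reads out the number her app shows for Bob,
    # and Bob compares it with the number his own app shows for himself.
    verified = fingerprint(bob_pub_as_alice_sees_it) == fingerprint(b_pub)
    return {"delivered": delivered, "verified": verified,
            "server_read_it": message in relay.captured}

def link_encrypted_send(message=b"meet at 7"):
    """Link encryption only: each hop shares a key with the SERVER, so the
    server necessarily holds the plaintext in between and can log it."""
    (s_priv, s_pub), (a_priv, a_pub), (b_priv, b_pub) = keygen(), keygen(), keygen()
    hop1 = encrypt(shared_key(a_priv, s_pub), message)     # Alice -> server
    plaintext = decrypt(shared_key(s_priv, a_pub), hop1)    # server decrypts it...
    hop2 = encrypt(shared_key(s_priv, b_pub), plaintext)    # ...and re-encrypts for Bob
    return decrypt(shared_key(b_priv, s_pub), hop2), [plaintext]  # Bob's copy, server's log
```

Running `run_conversation(HonestRelay())` and `run_conversation(MitmRelay())` delivers the message intact in both cases, which is exactly why the attack is invisible from inside the conversation: only the fingerprint comparison (`verified`) tells the two apart, and only the MITM run ends up with anything in `relay.captured`. `link_encrypted_send()` shows the contrast with Link Encryption: the message still arrives, but the server's log holds the plaintext. Storing the fingerprint once it has been verified and raising an alert when a later exchange yields a different one is what WhatsApp's "Show Security Notifications" setting automates.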
Apple's iMessage also uses E2EE, but it gives you no way to verify keys (so no protection against a man in the middle) and only works between Apple devices.
Key verification may seem a chore, but it is worth making a habit of. Even if you skip it, an E2EE messaging app is still far safer than a Link Encrypted service (e.g. Gmail) or a service used over plain HTTP. Facebook messaging, for example, is only Link Encrypted (SSL/TLS) when you are on the HTTPS version of Facebook, not HTTP. Install HTTPS Everywhere on Firefox or Chrome to get HTTPS by default wherever a site offers it. This matters most on unsecured wireless networks, where anyone nearby can sniff the contents of unencrypted traffic without breaking any encryption or passwords.
Signal can also be used on the desktop through the Signal Desktop app for Google Chrome.
Whatsapp vs Signal vs iMessage
iMessage offers no form of key verification, does not support calling, and only works between Apple devices.
WhatsApp can be used securely, but be sure to turn off iCloud/Google Drive backups of WhatsApp. Otherwise your WhatsApp messages are backed up in a form that is not protected by E2EE and that Apple or Google (and anyone who can compel them) can read. Your contacts need to do the same, since a backup of their phone contains your side of the conversation too. Similarly, screenshots of conversations usually end up uploaded to a cloud photo service, whether iCloud, Dropbox, Google Photos, OneDrive or another; these services hold the keys to whatever encryption they apply, so they can read what you upload, and depending on the jurisdiction the legal bar for obtaining it can be lower than a warrant. I'd advise against it. Signal has a setting, enabled by default, that blocks screenshots from within the app. Signal also, unlike WhatsApp, does not include its messages in the operating system's cloud backups. You can also have Signal delete old messages automatically once a conversation exceeds a set number of messages.
For these reasons I recommend Signal, though I also use WhatsApp. Just know the precautions you must take to secure your data fully, and encrypt your phone with a strong passphrase. Lastly, it's great that you are taking steps to protect your data, but if your recipient doesn't do the same, your efforts may be futile: the conversation is only as secure as the other person's device and backups.
The upshot of these E2EE services is that Signal, Apple, WhatsApp and the others do not hold the contents of your conversations and voice calls. This defeats mass surveillance and network eavesdroppers alike: the traffic can be intercepted, but what is intercepted is ciphertext. Nor can a government obtain the contents from Signal or WhatsApp, because the contents exist only on the users' (hopefully encrypted) phones. Put simply, only you and the person you are messaging can read the conversation, as long as both phones, and any backups of them, stay out of other hands. The obvious downside to E2EE services is that you have to convince people to use the app with you. Once your friends are on it, though, you have your own private community of messengers that eavesdroppers cannot read.
This guide was a part of my Ultimate Information Security & Privacy Guide. Be sure to check out the related content.