Messaging applications including Signal, WhatsApp, Confide and Telegram use encryption to scramble messages so only the intended end-user can read them. Messages typically aren’t stored on servers, and some apps automatically delete messages and prevent users from screenshotting or sharing messages.
It was recently reported that the Signal messaging app was used by high-ranking federal officials to communicate sensitive military information.
Calvin Deutschbein, Assistant Professor of Computer Science helps us understand the security of encrypted messaging applications.
How secure are encrypted messaging apps? What vulnerabilities, if any, exist in encryption protocols?
Encrypted messaging apps are secure — to the best of our knowledge. However, the real vulnerability often lies with the user. For individuals, the biggest risk is that other applications on their device — such as onscreen keyboard or screen filters — can potentially see all of their communications. Depending on the situation, people should be aware that their device’s connection patterns to cell towers or Wi-Fi routers, especially in certain areas, could create identifiable data that may compromise their privacy. Especially for sensitive communications, fundamentally there will be some evidence of information traveling to and from a physic device over some network.
Some of the encrypted messaging apps are good and trustworthy as far as apps go, but they don’t obscure, for example, the fact you have the app on your phone, which is itself something you might want to keep private. Even something as simple as displaying message notifications on a lock screen may cause information to become visible that you expected to remain private.
I regard Signal as the best of the encrypted message platforms. Usually when Signal is insecure the issue is not Signal, but on the cellular and Wi-Fi networks. There’s an interesting story to that effect published by a former undergraduate from University of North Carolina when I taught there in 2019. It details geo-fencing — where surveillance entities could not gain access to the contents of Signal messages, but could determine the volume of messages in a certain location at a certain time, which is almost as good. There’s a funny webcomic about this as well.
What data do encrypted apps collect?
Signal claims they only store information about when a user last accessed the platform (measured in days), and I see no reason not to believe them. However, it is harder to prove that a specific data package entering or leaving Signal surveys cannot be traced back to either an individual, or a small group of users. WhatsApp is owned by Meta, which became a trillion dollar company by collecting a lot of user data. I believe Meta likely feels obligated to their shareholders to collect data for every message — including the sender, receiver, message length, and everything except the precise message content — forever.
If you do use Signal, it is likely not the point of failure here, and seems secure (its code base is open source, and has been subject to some scrutiny). But on some level you are relying on 1) Signal’s servers, which necessarily physically exist somewhere, and 2) every other part of the cellular (or internet) network, which is much more relevant.
Can the government or law enforcement get access to encrypted messages?
Yes, always! Assume the level of computing power and ingenuity possessed by the totality of the government is high enough that any mistake (and everyone makes mistakes), leaves any communication effectively insecure. A notable high-profile case is the Apple v. FBI case in 2016, when the FBI attempted to coerce Apple to gain access to a locked iPhone. The FBI later withdrew their request after they found another way to access the device’s contents.
Should government agencies develop their own secure messaging platforms instead of using commercial options?
This answer may come as a surprise, but I think absolutely not. The government, and especially the National Security Agency, is often involved in the development of open protocols that meet the best possible security standards Open source algorithms are simply better because they benefit from collective intelligence and scrutiny - “None of us are as smart as all of us.”
When I teach cryptography (as I am this term), I often cite scholars from all around the world who have worked together for generations to both create protocols to protect individual freedoms and build trust in communications platforms.
Often as security researchers, we get questions about whether there could be some “secret way of keeping secrets,” but that hasn’t been the best practice for a long time. Beginning in 1851, the idea of “security through obscurity” was falling out of favor with locksmiths, who realized their designs were often stronger when other locksmiths could point out obvious flaws than when they tried to keep designs secret.
My recent work focuses on open source hardware designs (my latest effort is available now) specifically because I believe this is the best way to achieve security. In a way, this has been my life’s work.
Are there technical solutions that exist to archive encrypted communications while maintaining security?
Any communications, once “at rest” on a physical device, can be brought to arbitrarily high levels of security. The challenge involves balancing security (in this case, confidentiality) with availability, and, of course, not making mistakes.
Stronger encryption requires more computing resources and time. Usually when secrets get out, it is because it was infeasible or judged inefficient to achieve the level of security necessary to protect some given secret, and that is always a moving target. Or a mistake.
I believe a more meaningful question is determining what level of security best serves the public interest. Once we establish that, we can develop appropriate algorithms and determine the level of computational investment in carrying out encryption.
