TextSecure

From Infogalactic: the planetary knowledge core
Jump to: navigation, search

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

This article is about a discontinued Android application. For its successor, see Signal (software).
TextSecure
100px
TextSecure authentication.pngTextSecure conversation list.pngTextSecure conversation.png
Screenshots of TextSecure
Original author(s) Moxie Marlinspike
and Stuart Anderson
(Whisper Systems)
Developer(s) Open Whisper Systems and community
Initial release May 2010 (2010-05)[1]
Last release 2.28.1
(September 29, 2015; 8 years ago (2015-09-29))[2]
Development status Discontinued (merged with RedPhone to become Signal)[3]
Written in Java (client and server)
Operating system Android
Size 11 MB
Available in 34 languages[4]
Type Encrypted instant messaging
License GPLv3 (client),[5]
AGPLv3 (server)[6]
Website whispersystems.org

TextSecure was a free and open-source encrypted messaging application for Android that was first released in May 2010. It was developed by Open Whisper Systems and used end-to-end encryption to secure the transmission of instant messages, group messages, attachments and media messages to other TextSecure users. In November 2015, TextSecure was merged with an encrypted voice calling application called RedPhone and was renamed as Signal.

TextSecure was the first application to use the Double Ratchet Algorithm, which has since been implemented into WhatsApp and other applications.

History

TextSecure's icon from May 2010 to February 2014 and from February 2014 to February 2015.

Whisper Systems and Twitter (2010–2011)

TextSecure started as an application for sending and receiving encrypted SMS messages.[7] Its beta version was first launched in May 2010 by Whisper Systems,[8] a startup company co-founded by security researcher Moxie Marlinspike and roboticist Stuart Anderson.[9][10] In addition to launching TextSecure, Whisper Systems produced a firewall, tools for encrypting other forms of data, and RedPhone, an application that provided encrypted voice calls.[1][9] All of these were proprietary enterprise mobile security software.

In November 2011, Whisper Systems announced that it had been acquired by Twitter. The financial terms of the deal were not disclosed by either company.[11] The acquisition was done "primarily so that Mr. Marlinspike could help the then-startup improve its security".[12] Shortly after the acquisition, Whisper Systems' RedPhone service was made unavailable.[13] Some criticized the removal, arguing that the software was "specifically targeted [to help] people under repressive regimes" and that it left people like the Egyptians in "a dangerous position" during the events of the 2011 Egyptian revolution.[14]

Twitter released TextSecure as free and open-source software under the GPLv3 license in December 2011.[9][15][16][17] RedPhone was also released under the same license in July 2012.[18] Marlinspike later left Twitter and founded Open Whisper Systems as a collaborative Open Source project for the continued development of TextSecure and RedPhone.[19][20]

Open Whisper Systems (2013–2015)

File:Signal timeline.svg
A timeline of the development of TextSecure.
a) Addition of encrypted group chat and instant messaging capabilities.
b) End of encrypted SMS/MMS messaging, which prompted the creation of a fork.
c) RedPhone merged into TextSecure and it was renamed as Signal.
d) Signal as a RedPhone counterpart for iOS.
e) Addition of encrypted group chat and instant messaging capabilities.

Open Whisper Systems' website was launched in January 2013.[20] Open Whisper Systems started working to bring TextSecure to iOS in March 2013.[21][22]

In February 2014, Open Whisper Systems updated their protocol to version 2, adding group chat and push messaging capabilities.[21][23] Toward the end of July 2014, Open Whisper Systems announced plans to unify its RedPhone and TextSecure applications as Signal.[24] This announcement coincided with the initial release of Signal as a RedPhone counterpart for iOS. The developers said that their next steps would be to provide TextSecure instant messaging capabilities for iOS, unify the RedPhone and TextSecure applications on Android, and launch a web client.[25] Signal was the first iOS app to enable easy, strongly encrypted voice calls for free.[19][26]

In March 2015, Open Whisper Systems released Signal 2.0 with support for TextSecure private messaging on iOS.[27][28] Later that month, Open Whisper Systems ended support for sending and receiving encrypted SMS/MMS messages on Android. From version 2.7.0 onward, TextSecure only supported sending and receiving encrypted messages via the data channel. Reasons for this included:[7]

  • Complications with the SMS encryption procedure: Users needed to manually initiate a "key exchange", which required a full round trip before any messages could be exchanged. In addition to this, users could not always be sure whether the receiver could receive encrypted SMS/MMS messages or not.
  • Compatibility issues with iOS: Not possible to send or receive encrypted SMS/MMS messages on iOS due to the lack of APIs.
  • The large amounts of metadata that inevitably arise and are uncontrollable when using SMS/MMS for the transportation of messages.
  • Focus on software development: Maintaining SMS/MMS encryption and dealing with edge cases took up valuable resources and inhibited the development of the software.

Open Whisper Systems' abandonment of SMS/MMS encryption prompted some users to create a fork which is named SMSSecure and is meant solely for the encryption of SMS and MMS messages.[29][30]

In November 2015, the TextSecure application was merged with RedPhone and renamed as Signal for Android.[3]

Features

The application prevented screenshots of conversations by default. Its intention was to prevent other applications from taking screenshots.[31]

TextSecure allowed users to send encrypted text messages, audio messages, photos, videos, contact information, and a wide selection of emoticons over a data connection (e.g. Wi-Fi, 3G or 4G) to other TextSecure users with smartphones running Android. TextSecure also allowed users to exchange unencrypted SMS and MMS messages with people who did not have TextSecure.[23]

Messages sent with TextSecure to other TextSecure users were automatically end-to-end encrypted, which meant that they could only be read by the intended recipients. The keys that were used to encrypt the user's messages were stored on the device alone. In the user interface, encrypted messages were denoted by a lock icon.

TextSecure allowed the user to set a passphrase that encrypted the local message database and the user's encryption keys.[32] This did not encrypt the user's contact database or message timestamps.[32] The user could define a time period after which the application "forgot" the passphrase, providing an additional protection mechanism in case the phone was lost or stolen.[31]

TextSecure had a built-in function for verifying that the user was communicating with the right person and that no man-in-the-middle attack had occurred. This verification could be done by comparing key fingerprints (in the form of QR codes) in person.[31] The application would also notify the user if the correspondent's key fingerprint had changed.[31]

TextSecure allowed users to chat with more than one person at a time.[33] Group chats were automatically end-to-end encrypted and held over an available data connection if all participants were registered TextSecure users. Users could create groups with a title and avatar icon, add their friends, join or leave groups, and exchange messages/media, all with the same encryption properties pairwise TextSecure chats provided. The servers did not have access to group metadata such as lists of group members, the group title, or the group avatar icon.[23][34]

The application could also function as a drop-in replacement for Android's native messaging application as it could fall back to sending unencrypted SMS and MMS messages.

Limitations

TextSecure required that the user had a phone number for verification.[35] The number did not have to be the same as on the device's SIM card; it could also be a VoIP number[35] or a landline as long as the user could receive the verification code and have a separate device to set-up the software. A number could only be registered to one device at a time.

The official TextSecure client required Google Play Services because the app was dependent on Google's GCM push messaging framework.[36] From February 2014 to March 2015, TextSecure used GCM as the transport for message delivery over the data channel. From March 2015 forward, TextSecure's message delivery was done by Open Whisper Systems themselves and the client relied on GCM only for a wakeup event.[7]

Architecture

Encryption protocol

TextSecure used the Signal Protocol (then called the Axolotl protocol[37]), which combines the Double Ratchet Algorithm, prekeys, and a 3-DH handshake.[38] It uses Curve25519, AES-256, and HMAC-SHA256 as primitives.[39]

The protocol provides confidentiality, integrity, authentication, participant consistency, destination validation, forward secrecy, backward secrecy (aka future secrecy), causality preservation, message unlinkability, message repudiation, participation repudiation, and asynchronicity.[40] It does not provide anonymity preservation, and requires servers for the relaying of messages and storing of public key material.[40]

The group chat protocol is a combination of a pairwise double ratchet and multicast encryption.[40] In addition to the properties provided by the one-to-one protocol, the group chat protocol provides speaker consistency, out-of-order resilience, dropped message resilience, computational equality, trust equality, subgroup messaging, as well as contractible and expandable membership.[40]

Implementations

On November 18, 2014, Open Whisper Systems announced a partnership with WhatsApp to provide end-to-end encryption by incorporating the protocol used in TextSecure into each WhatsApp client platform.[41] Open Whisper Systems said that they had already incorporated the protocol into the latest WhatsApp client for Android and that support for other clients, group/media messages, and key verification would be coming soon after.[42] WhatsApp confirmed the partnership to reporters, but there was no announcement or documentation about the encryption feature on the official website, and further requests for comment were declined.[43] On April 5, 2016, WhatsApp and Open Whisper Systems announced that they had finished adding end-to-end encryption to "every form of communication" on WhatsApp, and that users could now verify each others' keys.[44][45]

Servers

All client-server communications were protected by TLS.[46] Once the server removed this layer of encryption, each message contained either the phone number of the sender or the receiver in plaintext.[47] This metadata could in theory have allowed the creation of "a detailed overview on when and with whom users communicated".[47] Open Whisper Systems asserted that their servers did not keep this metadata.

In order to determine which contacts were also TextSecure users, cryptographic hashes of the user's contact numbers were periodically transmitted to the server.[48] The server then checked to see if those matched any of the SHA256 hashes of registered users and told the client if any matches were found.[48] Moxie Marlinspike wrote that it is easy to calculate a map of all possible hash inputs to hash outputs and reverse the mapping because of the limited preimage space (the set of all possible hash inputs) of phone numbers, and that "practical privacy preserving contact discovery remains an unsolved problem".[48][47]

The group messaging mechanism was designed so that the servers did not have access to the membership list, group title, or group icon.[49] Instead, the creation, updating, joining, and leaving of groups was done by the clients, which delivered pairwise messages to the participants in the same way that one-to-one messages were delivered.[34][23]

The server architecture was partially decentralized between December 2013 and February 2016. In December 2013, it was announced that the messaging protocol that was used by TextSecure had successfully been integrated into the Android-based open-source operating system CyanogenMod.[50][51][52] From CyanogenMod 11.0 onward, the client logic was contained in a system app called WhisperPush. According to Open Whisper Systems, the Cyanogen team ran their own TextSecure server for WhisperPush clients, which federated with Open Whisper Systems' TextSecure server, so that both clients could exchange messages with each-other seamlessly.[52] The CyanogenMod team discontinued WhisperPush in February 2016, and recommended that its users switch to Signal.[53]

Licensing

The complete source code of TextSecure was available on GitHub under a free software license.[5] The software that handled message routing for the TextSecure data channel was also open source.[6]

Distribution

TextSecure was officially distributed only through Google Play. In October 2015, TextSecure had been installed over 1 000 000 times through Google Play.[2]

TextSecure was briefly included in the F-Droid software repository in 2012, but was removed at the developer's request because it was an unverified build and exceptionally out of date. Open Whisper Systems have subsequently said that they will not support their applications being distributed through F-Droid because it does not provide timely software updates, relies on a centralized trust model and necessitates allowing the installation of apps from unknown sources which harms Android's security for average users.[36]

Audits

In October 2013, iSEC Partners published a blog post in which they said that they had audited several of the projects supported by the Open Technology Fund over the past year, including TextSecure.[54]

In October 2014, researchers from Ruhr University Bochum published an analysis of the TextSecure encryption protocol.[55] Among other findings, they presented an unknown key-share attack on the protocol, but in general, they found that the encrypted chat client was secure.[56]

Reception

Former NSA contractor Edward Snowden endorsed TextSecure on multiple occasions. In his keynote speech at SXSW in March 2014, he praised TextSecure for its ease-of-use.[57][58] During an interview with The New Yorker in October 2014, he recommended using "anything from Moxie Marlinspike and Open Whisper Systems".[59] Asked about encrypted messaging apps during a Reddit AMA in May 2015, he recommended TextSecure.[60][61]

In October 2014, the Electronic Frontier Foundation (EFF) included TextSecure in their updated Surveillance Self-Defense guide.[62] In November 2014, TextSecure received a perfect score on the EFF's Secure Messaging Scorecard.[63][64] TextSecure received points for having communications encrypted in transit, having communications encrypted with keys the providers don't have access to (end-to-end encryption), making it possible for users to independently verify their correspondent's identities, having past communications secure if the keys are stolen (forward secrecy), having their code open to independent review (open source), having their security designs well-documented, and having recent independent security audits.[63] At the time, "ChatSecure + Orbot", Cryptocat, "Signal / RedPhone", Pidgin (with OTR), Silent Phone, Silent Text, and Telegram's optional secret chats also received seven out of seven points on the scorecard.[63]

Developers and funding

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

Main article: Open Whisper Systems

TextSecure was developed by a nonprofit software group called Open Whisper Systems.[65] The group is funded by a combination of donations and grants, and all of its products are published as free and open-source software.

Open Whisper Systems has received financial support from, among others, the Freedom of the Press Foundation,[66] the Knight Foundation,[67] the Shuttleworth Foundation,[68] and the Open Technology Fund,[69] a U.S. government funded program that has also supported other privacy projects like the anonymity software Tor and the encrypted instant messaging website Cryptocat.

See also

Literature

  • Lua error in package.lua at line 80: module 'strict' not found.
  • Lua error in package.lua at line 80: module 'strict' not found.
  • Lua error in package.lua at line 80: module 'strict' not found.

References

  1. 1.0 1.1 Lua error in package.lua at line 80: module 'strict' not found.
  2. 2.0 2.1 Lua error in package.lua at line 80: module 'strict' not found.
  3. 3.0 3.1 Lua error in package.lua at line 80: module 'strict' not found.
  4. Lua error in package.lua at line 80: module 'strict' not found.
  5. 5.0 5.1 Lua error in package.lua at line 80: module 'strict' not found.
  6. 6.0 6.1 Lua error in package.lua at line 80: module 'strict' not found.
  7. 7.0 7.1 7.2 Lua error in package.lua at line 80: module 'strict' not found.
  8. Lua error in package.lua at line 80: module 'strict' not found.
  9. 9.0 9.1 9.2 Lua error in package.lua at line 80: module 'strict' not found.
  10. Lua error in package.lua at line 80: module 'strict' not found.
  11. Lua error in package.lua at line 80: module 'strict' not found.
  12. Lua error in package.lua at line 80: module 'strict' not found.
  13. Lua error in package.lua at line 80: module 'strict' not found.
  14. Lua error in package.lua at line 80: module 'strict' not found.
  15. Lua error in package.lua at line 80: module 'strict' not found.
  16. Lua error in package.lua at line 80: module 'strict' not found.
  17. Lua error in package.lua at line 80: module 'strict' not found.
  18. Lua error in package.lua at line 80: module 'strict' not found.
  19. 19.0 19.1 Lua error in package.lua at line 80: module 'strict' not found.
  20. 20.0 20.1 Lua error in package.lua at line 80: module 'strict' not found.
  21. 21.0 21.1 Lua error in package.lua at line 80: module 'strict' not found.
  22. Lua error in package.lua at line 80: module 'strict' not found.
  23. 23.0 23.1 23.2 23.3 Lua error in package.lua at line 80: module 'strict' not found.
  24. Lua error in package.lua at line 80: module 'strict' not found.
  25. Lua error in package.lua at line 80: module 'strict' not found.
  26. Lua error in package.lua at line 80: module 'strict' not found.
  27. Lua error in package.lua at line 80: module 'strict' not found.
  28. Lua error in package.lua at line 80: module 'strict' not found.
  29. Lua error in package.lua at line 80: module 'strict' not found.
  30. Lua error in package.lua at line 80: module 'strict' not found.
  31. 31.0 31.1 31.2 31.3 Rottermanner et al. 2015, p. 5
  32. 32.0 32.1 Rottermanner et al. 2015, p. 9
  33. Lua error in package.lua at line 80: module 'strict' not found.
  34. 34.0 34.1 Lua error in package.lua at line 80: module 'strict' not found.
  35. 35.0 35.1 Lua error in package.lua at line 80: module 'strict' not found.
  36. 36.0 36.1 Lua error in package.lua at line 80: module 'strict' not found.
  37. Lua error in package.lua at line 80: module 'strict' not found.
  38. Unger et al. 2015, p. 241
  39. Frosch et al. 2014
  40. 40.0 40.1 40.2 40.3 Unger et al. 2015, p. 239
  41. Lua error in package.lua at line 80: module 'strict' not found.
  42. Lua error in package.lua at line 80: module 'strict' not found.
  43. Lua error in package.lua at line 80: module 'strict' not found.
  44. Lua error in package.lua at line 80: module 'strict' not found.
  45. Lua error in package.lua at line 80: module 'strict' not found.
  46. Frosch et al. 2014, p. 7
  47. 47.0 47.1 47.2 Rottermanner et al. 2015, p. 4
  48. 48.0 48.1 48.2 Lua error in package.lua at line 80: module 'strict' not found.
  49. Rottermanner et al. 2015, p. 3
  50. Lua error in package.lua at line 80: module 'strict' not found.
  51. Lua error in package.lua at line 80: module 'strict' not found.
  52. 52.0 52.1 Lua error in package.lua at line 80: module 'strict' not found.
  53. Lua error in package.lua at line 80: module 'strict' not found.
  54. Lua error in package.lua at line 80: module 'strict' not found.
  55. Frosch et al. 2014
  56. Lua error in package.lua at line 80: module 'strict' not found.
  57. Lua error in package.lua at line 80: module 'strict' not found.
  58. Lua error in package.lua at line 80: module 'strict' not found.
  59. Lua error in package.lua at line 80: module 'strict' not found.
  60. Lua error in package.lua at line 80: module 'strict' not found.
  61. Lua error in package.lua at line 80: module 'strict' not found.
  62. Lua error in package.lua at line 80: module 'strict' not found.
  63. 63.0 63.1 63.2 Lua error in package.lua at line 80: module 'strict' not found.
  64. Lua error in package.lua at line 80: module 'strict' not found.
  65. Lua error in package.lua at line 80: module 'strict' not found.
  66. Lua error in package.lua at line 80: module 'strict' not found.
  67. Lua error in package.lua at line 80: module 'strict' not found.
  68. Lua error in package.lua at line 80: module 'strict' not found.
  69. Lua error in package.lua at line 80: module 'strict' not found.

External links

Retrieved from "https://infogalactic.com/w/index.php?title=TextSecure&oldid=717589457"