Overlooked or Underrated Problems of The Secure Messaging Apps

People mostly do not take any action in the absence of a financial gain, a moral incentive or a financial loss. In the recent WhatsApp case, most people did not even care what happened. That is because neither the loss nor the gain is visible to the masses. Whatever is done for security or privacy, reckless crowds will always be ready in the pocket of the sovereign player. This situation causes those who hold the reins of power to overrun the frontiers more.

Recent days witnessed heated debates about WhatsApp’s new privacy policy change. In this WhatsApp turmoil, some experts overlooked some crucial details and misunderstood security/privacy concepts. It turns out it has became a litmus test for us.

From the security perspective, when a secure messaging app or any other apps claims itself as secure, end-to-end-encrypted, private or something similar, a couple of critical principles will arise to examine its claims:

• Cryptology is a science, and information security or cybersecurity is the practitioner or implementer of it. It means that the app’s encryption protocol must be designed by cryptographers or cryptology experts, not by developers or security experts/practitioners.
• The protocol must be open to independent review or peer-viewed.
• The app’s code should be regularly audited.
• The protocol and the app’s code must be formally open.
• The whole security and encryption mechanism must be applicable throughout data-at-rest, data-in-use and data-in-transit channels at the same time, not only for data-in-transit.
• Its security design should be properly documented.

If one of the above is missing or insufficiently applied, an interrobang (?!) appears before us. For example, nobody can examine WhatsApp’s code or its Signal protocol implementation used for end-to-end encryption. And there are some rumours that WhatsApp has implemented a crippled version of the Signal protocol. In this point, if you are not open to any inspection, this attitude causes suspicion.

I neither interrogate WhatsApp, Telegram nor bring other apps forward but only try to see gaps or call attention to the critical points to support the above principles. The principles above and the other supporting critical aspects/concerns below need to be applicable for all secure messaging apps. For that aim, we need to find answers for the below.

Inter-App Communication in Android and iOS

Android and iOS both provide inter-app or inter-process communication feature in their platform. So, different apps in your smartphone can silently exchange data between them in the background by using URL scheme, intent system, UIPasteboard and so on.

The Facebook family consists of WhatsApp, Instagram, Messenger and Facebook apps. If you have more than one from ‘the family’ in your smartphone, you most probably are vulnerable to the collection and correlation of your data between those applications you use. And there is no clear indication, clue or statement from ‘the family’ which claims the opposite that it does not (or will not) use this feature for that aim. This situation is also valid for the other 3rd party applications that are ‘the family’ associated to or affiliated with. If it is so, you probably can not prevent or monitor such background activity.

Typing Before Messaging (Data-in-Use)

Before considering the typing information in WhatsApp, we need to look at the security perception of WhatsApp:

• When you browse WhatsApp’s security paper provided in “About end-to-end encryption” page, it is automatically redirected to “WhatsApp Encryption Overview” technical white paper. You will see in this paper:
  • In “Defining End-to-End Encryption” title, it states “WhatsApp defines end-to-end encryption as communications that remain encrypted from a device controlled by the sender to one controlled by the recipient, where no third parties, not even WhatsApp or our parent company Facebook, can access the content in between . A third party in this context means any organization that is not the sender or recipient user directly participating in the conversation“
  • In “Encryption Has No Off Switch” title, it states “All chats use the same Signal protocol outlined in this whitepaper, regardless of their end-to-end encryption status. The WhatsApp server has no access to the client’s private keys, though if a business user delegates operation of their Business API client to a vendor, that vendor will have access to their private keys – including if that vendor is Facebook“.
• In ‘About end-to-end encryption‘ page, it states “WhatsApp has no ability to see the content of messages or listen to calls that are end-to-end encrypted.“

Given these statements, it is true that end-to-end encryption has no off switch and it only refers to end-to-end encryption, aka transport or data-in-transit security. The encryption is not valid for data-at-rest or data-in-use. We can not say that WhatsApp applies as such encryption for data-in-use like a typing information which is the writing/typing just before pressing send or enter. That is, there is a moment when your writing does not go through end-to-end encryption tunnel yet while still residing in the app. At that moment, you are just about to go into an encrypted transport channel. Such a situation refers to a data-in-use status in a smartphone.

Bearing in mind that Facebook-named apps’ ability to read typing information, we can not deduce any typing security statement from WhatsApp’s security paper. No inferring is needed. There is no barrier to open a covert transport channel in the app to transfer typings anywhere or use inter-app communication way (mentioned above) for copy-forwarding them to other apps in the device.

Secure Local Data Storage (Data-at-Rest)

How the apps handle or use smartphone’s storage is vital in terms of secure communication. Encryption keys, incoming and outgoing messages, deleted messages, caches and so on always reside in the device’s file system, memory or storage. Unless these critical files are encrypted and stored in such a way as to prevent access by other apps, the local storage becomes a place where the circumvention of end-to-end encryption takes place. Consequently, these files can be retrieved simultaneously by other apps or passively by forensic analysis.

Regarding WhatsApp, it is clear that the data on the device is not encrypted. Furthermore, it seems WhatsApp does not use a private data directory or secure container. It does not prefer to store or cache messages on the device in a secure manner. That leads us to circumvent the end-to-end encryption.

Conclusion

For secure messaging apps, we can list other concerns as forward secrecy, server-side fan-out and client-side fan-out, group metadata, push notifications, read and typing notification, backup security, auto-deletion, storage metadata, web client problems and so on. As you may notice, secure messaging apps face tons of concerns to properly handle them. Unfortunately, Telegram and WhatsApp generally skip the addressing of these problems or concerns.

Considering all of these, WhatsApp, Telegram, and most of secure messaging apps fail at preserving security and privacy. They do not handle security appropriately or intentionally. Of course, there is no single secure messaging app that can meet the security and privacy requirements at all as it should be. Or may we say imprimatur secretum veritas mysterium …

Useful Resources

• A Formal Security Analysis of the Signal Messaging Protocol (pdf)
• WhatsApp security and role of metadata in preserving privacy (pdf)
• Threema Cryptography Whitepaper (pdf)
• Is Signal still more secure than WhatsApp?
• https://www.eff.org/deeplinks/2018/03/why-we-cant-give-you-recommendation

The featured painting above is Attila and his Hordes Overrun Italy and the Arts by Eugene Delacroix