[51CTO.com Quick Translation] Is the messaging platform really as solid as a rock? Ordinary users may naively believe that popular social chat tools such as WhatsApp and Signal encrypt messages thoroughly and control business communication and privacy perfectly. However, the opposite is true. Because encrypted communication is complex and instant messaging is real-time and highly concurrent, major enterprise-level messaging platforms may make large volumes of messages easier to leak and more vulnerable to hacker attacks. To be fair, apps like WhatsApp and Signal have enabled advanced encryption technologies such as H-256, and can destroy messages stored on the platform after a retention period agreed between the user and the app. However, as the saying goes, "the higher the virtue, the higher the evil": hackers' techniques are also improving day by day and constantly iterating. Therefore, the risk of real-time messages being intercepted, read, or even tampered with always exists.
End-to-end encryption (E2EE) protects you

To protect the confidentiality of messages and the privacy of their content, platforms often use end-to-end encryption while messages are in transit. Its basic principle is: after the message is sent from the server, the end-to-end encryption method converts the message or streaming media into untraceable data blocks, which is what we usually call "ciphertext". The ciphertext travels along the communication channel until it reaches the receiving end and is decrypted. In this way, the data in the message is protected from unauthorized access or snooping. For convenience, you can think of end-to-end encryption as a "bodyguard". He picks you up from your home, helps you put on a mask, accompanies you on various means of transportation, and finally walks with you to the entrance of your destination. The following figure shows how end-to-end encryption flows and is implemented within a messaging platform.

An enterprise-grade messaging platform needs more than end-to-end encryption

In a recent FBI investigation, agents were able to easily tap into chats and access, from an encrypted server, messages sent by former Senate Intelligence Committee aide James Wolfe on the Signal platform. Some of the content of these encrypted messages was even disclosed to the New York Times. It is still unknown how the FBI found the backdoor to crack the password and how they gained the trust of the encrypted messaging platform (some analysts believe that they used software technologies such as Pegasus). But it is worth noting that there are some underestimated protocols and operating systems in the current technology world, such as OMEMO and RattleSnake OS. They are designed for secure messaging scenarios across multiple devices. In the current market, companies like MirrorFly can provide the above encryption protocols and operating systems for messaging applications.
As shown in the figure below, OMEMO is a protocol that uses the Double Ratchet algorithm to provide encryption services to multiple clients (endpoints). The basic functions of the OMEMO protocol include:
How the Double Ratchet Algorithm Works

As shown in the figure below, when we use the AES-256 algorithm to encrypt messages, although the algorithm itself is unbreakable, the most difficult part is how to let multiple recipients share the key over an insecure channel. In a one-to-one communication scenario, the Double Ratchet algorithm handles this with the Diffie-Hellman (DH) key exchange. The Double Ratchet algorithm is an ideal method for performing multiple Diffie-Hellman key exchanges simultaneously. Therefore, the entire communication is achieved by running two Ratchet algorithms in parallel, namely:
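The interplay of a Diffie-Hellman ratchet and a symmetric key-derivation chain is sketched below as an added example; it is not code from the original article or from any product it names. It shows both parties deriving one fresh key per message, and a new DH exchange starting a chain unrelated to the old one. Assumptions of this example: a toy finite-field DH instead of a real curve, a single HMAC call as the root KDF, the 0x01/0x02 chain constants, and all function names.

```python
import hashlib, hmac, secrets

# Toy finite-field Diffie-Hellman, for illustration only (assumption of this
# example); real clients use an elliptic-curve exchange such as X25519.
P, G = 2**255 - 19, 2

def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def dh(priv, peer_pub):
    return pow(peer_pub, priv, P).to_bytes(32, "big")

def kdf_root(root_key, dh_out):
    """DH ratchet step: mix a fresh DH output into the root key.
    Simplified to one HMAC-SHA512 call; returns (new_root, new_chain_key)."""
    okm = hmac.new(root_key, dh_out, hashlib.sha512).digest()
    return okm[:32], okm[32:]

def kdf_chain(chain_key):
    """Symmetric ratchet step: returns (next_chain_key, message_key)."""
    msg_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    return hmac.new(chain_key, b"\x02", hashlib.sha256).digest(), msg_key

def demo():
    root = hashlib.sha256(b"constructed initial shared secret").digest()
    a_priv, a_pub = dh_keypair()          # Alice's ratchet key pair
    b_priv, b_pub = dh_keypair()          # Bob's ratchet key pair
    # Both sides derive the same chain from the same DH output.
    rk_a, ck_a = kdf_root(root, dh(a_priv, b_pub))
    rk_b, ck_b = kdf_root(root, dh(b_priv, a_pub))
    alice_keys, bob_keys = [], []
    for _ in range(3):                    # one fresh key per message
        ck_a, mk_a = kdf_chain(ck_a)
        ck_b, mk_b = kdf_chain(ck_b)
        alice_keys.append(mk_a)
        bob_keys.append(mk_b)
    # Bob replies with a new ratchet key: the DH ratchet turns and both
    # sides start a new chain that the old chain keys cannot predict.
    b_priv2, b_pub2 = dh_keypair()
    rk_b, ck_b = kdf_root(rk_b, dh(b_priv2, a_pub))
    rk_a, ck_a = kdf_root(rk_a, dh(a_priv, b_pub2))
    reply_key_bob = kdf_chain(ck_b)[1]
    reply_key_alice = kdf_chain(ck_a)[1]
    return alice_keys, bob_keys, reply_key_alice, reply_key_bob

if __name__ == "__main__":
    a, b, ra, rb = demo()
    print(a == b, ra == rb, ra not in a)
```

Because each chain step is a one-way HMAC, a chain key captured now does not reveal earlier message keys, and the DH step cuts off an attacker who held an old chain key.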
The RattleSnake OS mentioned above is mainly used in defensive communication scenarios. It uses cross-platform tools and AWS infrastructure to build its own operating system.

Advantages of RattleSnake OS in Messaging Platform
Summary

In summary, when choosing instant messaging tools, especially enterprise-level messaging platforms, we should not blindly follow the trend, which will expose users to unknown risks and threats from advanced attackers. We should fully control our messaging applications and services by fully evaluating and adopting more secure encryption standards such as RattleSnake OS.

Original title: End-to-End Encryption Isn't as Safe as You Think!

[Translated by 51CTO. Please indicate the original translator and source as 51CTO.com when reprinting on partner sites]