Site icon Juraj Bednar

Encrypted messengers – how to communicate privately?

Recently, there have been some fairly major improvements in the encryption of our communications. Virtually all websites have switched to encrypted communication using the https protocol. If we go to an unencrypted site, the browser will warn us that something is wrong. But this positive change goes hand in hand with an increased surveillance different way of tracking, informing third parties about what we are doing, what social media posts we like and so on. It’s the basis of a so-called surveillance capitalism.

A special category of communication, which has recently been affected very fundamentally by the introduction of encrypted communication, are messaging applications. From solutions for corporations (Slack, Google Suite, Microsoft Teams), through (originally gaming) communities (Discord), to personal communication – WhatsApp, Facebook Messenger, Telegram, Viber, Wire, Signal, Threema, …

Each of these projects has slightly different uses and different characteristics. In this text[JB1] , we will look at the properties with respect to communication privacy – how secure is the data and the metadata of the communication. I will not go into the risks of all platforms in detail, I will only describe the platforms that are acceptable for privacy from my perspective.

Why privacy?

Why should we deal specifically with privacy? Isn’t it mainly important how the communication tool is used, whether the users are happy with it and whether I can find all the people I need there?

The following are arguments for thinking about the security of communications, even when we may not be communicating about sensitive matters.

Bad habits

Let’s not build bad habits. Maybe we like a communication app, we have fun in public groups, for example. And from time to time we write something to someone. It’s just a one-time thing, however, it doesn’t matter, it’s not sensitive per se. When we’re communicating with people in a group, we occasionally want to write someone from the group a private message. The one message we send maybe should have been encrypted, but it is easier to click and reply than to ask for a contact through a more secure channel, and so we tell ourselves – does not matter, it is just this one time. Laziness wins out over the transaction costs of wondering if now is the time to switch to a secure channel.

Communication sensitivity assessment

We have no control over whether the other party assesses the need for privacy in the same way we do. This means that people are contacting us with sensitive stuff through an unsecured channel, and even if we would have preferred to secure that communication, it’s already too late, we’ve already received the message.

There is, however, an opposing view, and for completeness I present it here as well. When I asked a friend of mine – one of the best hackers in the world – why he didn’t encrypt emails, he said that when he had the encryption keys published, people wrote him things that he didn’t want to receive. The feeling of private communication removes inhibitions, and suddenly people want to hack big sites and hack into the mailboxes of their business or romantic partners. At the same time, as a hacker, he knows that most people don’t know how to secure their endpoint devices – and so they’re typing, thinking they’re safe, while their mobile or computer screen is being uploaded by some spyware and sent somewhere. So making it impossible to communicate safely has an advantage for him – everyone assumes that unencrypted messages can be read by someone and so they censor themselves.

For me, the need to encrypt outweighed this risk, because I found that people write things they shouldn’t anyway. I can’t be responsible for what other people write to me, and with such “sensitive” requests I will politely reject them anyway, whether they come through an encrypted or unencrypted channel.

So encryption is not a pass to do bad things. And we have to expect that the need for encrypted communications will be misjudged by the other side. I try not to allow them to do that.

Evaluation of what is sensitive changes over time

You know that situation when it started out kind of innocently and the conversation turned into something sensitive? That’s when we’d prefer not to have someone “record” the beginning of the conversation either.

The retrospective evaluation of what was sensitive may be different than when we are in the flow of the communication. Communication sensitivity evaluation changes as the context changes.

But after all, my tool allows encryption

Facebook Messenger, but also Telegram, for example, allows you to turn on encryption for specific one on one conversations. By not making it automatic almost no one uses it. And everything we’ve written so far applies – “we should have turned it on” then once the conversation gets going it’s too late. I don’t use Telegram, and exactly zero people have written with me with Facebook Messenger’s secret chat feature so far. An option we don’t use anyway is kind of pointless. It’s something we need to think about and proactively turn it on. It’s not going to happen in practice, people are lazy.

I trust the operator

In the early days of the Russian invasion of Ukraine, a big issue was whether the Telegram messenger was trustworthy. The Ukrainian military used it, as did the Russians, who used Telegram to communicate about what was really going on. And Russian state authorities who communicated with citizens through a Facebook page also switched to Telegram after the state blocked Facebook. The question has been raised – do we trust the company behind Telegram?

The founder of Telegram is a Russian who emigrated and seems not very enthusiastic about Putin’s regime. Personally, I believe this, but one has to consider a less likely possibility – he has made a deal with the regime (perhaps under duress) to act anti-regime on the outside so that people will use Telegram and secretly send the FSB the information they request. By not encrypting Telegram, even if the founder and the CEO of the company may be uncooperative, but the technical team could be infiltrated and the unencrypted messages could be shared with the Russian (or any other) authorities by by someone on staff. Infiltration by operators of sensitive services is common and there are criminal organisations that specialise in it.

And of course, we must not forget that if a service is poorly designed from a security perspective (such as Telegram, Facebook Messenger, Slack, Discord, etc.), it can be attacked quite easily even without the cooperation of the operator. For example, a SIM swap attack is common, where an employee of the operator (either on their own initiative or at the behest of the government) activates a second SIM card for a given phone number and the attacker activates your Telegram account based on a verification SMS. And then he sees all your messages, including historical messages. Additionally, with groups, the problem arises that it is enough for one subscriber of the group to succeed and the attacker sees all the messages in the group.

SIM swap attack is not the only type of attack possible. Another is, for example, control over a certificate authority. Again, an example from Russia. After Western sanctions were imposed on Russian state organisations, most certificate authorities could not provide services to the Russian state. There was a rapid revocation of cryptographic certificates and, consequently, Russian state websites ceased to function. The Russian state started to solve the problem – it created its own certification authority that issued certificates to the services affected in this way. This is of course understandable, they have to work somehow. The problem is that after installing such a certificate authority in your system (which is one of the recommended steps if your Russian state website is down), anyone who controls that certificate authority (in this case, the Russian state) can issue certificates for any service. You connect to Facebook, Slack or Discord and the Russian secret service gets in the middle, with a certificate that your system trusts. You don’t notice anything and the secret service sees all your messages.

This problem can be avoided by using so-called “end-to-end” encryption. Messages are not encrypted between you and the service provider (e.g. using HTTPS), but between your device and the recipient’s device. And it is precisely such services that we will be looking at in this text[JB2] . The goal is that we don’t have to trust the operator of the service, and that such simple types of attacks are not possible even with the cooperation of the operator. We will, of course, have to trust the end devices.

What are we trying to replace?

Before we get into encrypted messengers, let’s take a look at what benefits or services are offered by the less secure services – Discord, Slack, Telegram, Facebook Messenger, Google Suite, Microsoft Teams.

Network effects

The first advantage of these services is the network effect. This is particularly visible with Facebook Messenger, but we can also look at WhatsApp, LinkedIn or Google services in a similar way. Everyone is on Facebook and therefore we can write to everyone via Messenger. We don’t have to look for contact details, we already have them, we just have to type the person’s name. If we have him or her among our friends, it’s even easier. If we know someone’s name, we can message or call them in a few seconds. Lots of people use Google services and if we know their email address, we can arrange a meeting with them via Google Meet or edit a document together. If we know someone’s phone number, chances are they have WhatsApp installed and we can text them. If we wanted to achieve the same with more exotic messengers, we would often have to tell the other party to install our preferred communication tool, and sometimes we have to exchange an identifier in the service (such as a Threema ID or Matrix identifier). Signal solves this problem by using phone numbers as an identifier (similar to WhatsApp). If we have a person in our contact list, we can text them. If they don’t have Signal, we can invite them to install it, but we don’t need to exchange any other information – once installed, communication works automatically.

Rooms and threads

Corporate or group communicators such as Microsoft Teams, Slack or Discord have the advantage of creating an entire communication universe with many rooms. Most communication tools allow us to create groups, but services like Slack or Discord take this style of communication to the next level. If you have a “corporate” Slack, you can see all possible channels, all colleagues (even if you don’t have them in your contact list). If you want to discuss marketing, you click on an existing channel called “marketing,” see previous discussions, and can join in. The communication tools also allow you to communicate in threads, so you can discuss the topic in a structured format. Messages on a single sub-topic (for example, “new marketing campaign”) are together and not mixed over each other.

“Slackoid” alternatives that have both user-friendliness and better privacy are, for example, Mattermost or Zulip. While they are not end-to-end encrypted, you can run a server on your own infrastructure and thus be the operator. People trust themselves more easily than third parties.

Bots and integration

Many services allow the presence of various “helpers” in the form of programs that allow the integration of other services. So-called “bots” were already part of early communication tools such as the Internet Relay Chat (IRC). In the first Bitcoin trading channels on IRC, the bots maintained an order book. Modern services rely on bots to integrate with services such as github, corporate calendars to organise physical or virtual meetings, or to control access – for example, some rooms in Discord can only be accessed by a human who meets certain conditions.

These integrations are especially common with Slack, Telegram and Discord. Their programming and creation is very simple, also thanks to their unencrypted approach – the programmer does not have to decide what encryption keys to use, but simply instructs the program to send the service a request “write this message to this channel”.

When letters are not enough

Many services already support virtual video conference calls. Either directly (Zoom, MS Teams) or indirectly with integration to another service. Fortunately, this is already relatively common even with encrypted communicators, although there may be minor limitations on the number of participants.

Privacy technologies

Privacy technologies are in hype cycle of sorts, and it’s a fairly broad area with interesting players in the entire business ecosystem – companies, foundations, investors (angel, venture capital), open-source developers, infrastructure operators. In addition to encrypted messengers, this includes operators of VPNs (Proton, NordVPN, …), encrypted storage (e.g. ProtonDrive), encrypted backups, custom office and communication solutions that you can run yourself (NextCloud), censorship and geo-blocking circumvention, web-tracking protection, encrypted email (Tutanota, ProtonMail), financial privacy (Bitcoin privacy services, Monero), search (Presearch, DuckDuckGo, StartPage).

Privacy-aware problem-solving (e.g., communication) services are a market with interesting participants who are motivated to solve individual problems that they are aware of. It is no longer a few IT guys writing emails encrypted with OpenPGP, using the command line, but services designed for the general population that need to be user-friendly and usable.

The downside with privacy technologies is that these technologies do not track users, so they cannot make revenue from selling (aggregated) personal data and well-targeted advertising. This means that these technologies need to be funded in other ways – either directly by users in the form of a commercial paid service or in some other way (e.g. voluntary donations to foundations or tokenomics).

So the first question is – if the service is free, who pays for it and why? The second question is how the network effect can be achieved in this situation. If the barrier to entry is payment (e.g. in the case of the Threema communicator), this limits the number of users. However, it is not just the price, Threema costs a few euros, but the barrier that the user has to have a card number entered in the app store (App Store, Play Store) or somehow process the payment. This is a show-stopper for many users and they are unable or unwilling to overcome it.

The network effect is not helped by the fact that if the service does not disclose and collect even basic information about users, it is a bit harder for users to be found. A nice example of this problem is again Threema. Once someone feels like James Bond by installing a privacy-preserving messenger, if Threema asks if they want to pair their account with a phone number, many people click “no”. But then they have to give their “Threema ID” to everyone they want to communicate with in some way (for example, by sharing it through another service or scanning a QR code from the app).

Different services address these limitations in different ways, but it is good to be aware of the limitations and challenges we face.

Where did these technologies and the need for them come from?

The history of privacy technologies (anonymity, encryption, signing) begins at least with the Cypherpunks movement, which came to full fruition in the early 1990s. Of course, encryption as such existed long before that. It is also related to the cryptoanarchy of Timothy C. May, who in his cryptoanarchist manifesto talks about how these technologies will enable a world in which governments have much less of a role in our lives.

If we can communicate, produce and pay anonymously, in an internet environment, nation-state regulations whose enforcement is based on violence against the physical body are unnecessary. How is it possible that some software can prevent the enforcement of laws? Conflicts (including conflict between the individual and the state) follow the so-called “OODA loop” – in military terminology. It is a cycle that consists of four parts – observation, orientation – understanding what is happening, deciding how to react and action. Both sides of the conflict go through this OODA loop. Different ways of increasing freedom focus primarily on the last two steps. For example, law reforms or decriminalization change the way the attacker (the state) decides and acts. A law that permits possession of marijuana affects how judges decide in case of possession is discovered.

Cryptoanarchy in the narrow sense and cypherpunks in the broader sense are focused on the first two parts of the OODA loop. If someone does business over the Internet (for example, a Belarusian programmer) and does not pay taxes from that business, it does not mean that a judge would rule in his favour or that the state would not use violence against him (and thus imprison him). Thanks to encryption, privacy technologies and anonymous payments, the state will not even know that something has happened (the observe part of the OODA loop won’t yield any results) or if it does find out, it won’t know what happened (it won’t be able to find out who did what, for whom, how much and whether they got paid).

If it is not possible to identify the individual against whom the state is to exercise violence (imprisonment, confiscation of property), the law is of no effect because it is unenforceable.

It must be said here, of course, that the cypherpunkers’ vision runs up against what is in reality a disastrous operational security (opsec) problem. In practice, people often make all sorts of mistakes – registering an email address under their own name, occasionally failing to encrypt something, and so on.

The reason I write about cypherpunks here is that this philosophy implies what cryptographic techniques are used. It’s not just boring basic encryption that makes it impossible to read messages. Some communication tools use other privacy techniques – blind signatures, anonymization techniques, perfect forward secrecy. Let’s explain the last one mentioned. If we exchange an encryption key (“password”) and it is somehow revealed, we can decrypt in the future any messages that have been encrypted with that key. Perfect forward secrecy means that discovering the password will not allow us to retroactively decrypt the messages, because to do so an attacker would have to actively interfere with the communication – and it has already happened, so he would have to go back in time. He can only decrypt messages in the future, even then only if he manages to successfully stand in the communication and change its content. Another a little bit more advanced technique are the ring signatures, which allow the creation of cryptocurrencies where it is difficult to tell which coins of the cryptocurrency were actually used. Or “plausible deniability” – it is impossible to create proof of which party sent a particular message. We know one or the other, but since they both know the key, the agent provocateur could also have created the message and thus it is impossible to prove that someone wrote something.

All these techniques improve the privacy properties of encrypted communication. They can also be used to create social networks in the form of communication groups. And thanks to cryptocurrencies, it is also possible to build business relationships on these social networks that exist outside the control of the states and legacy financial system. All of this improves the sovereignty of individuals, some of whose relationships (business and communication) are separate from their physical identity. Thanks to reputation systems, we can then communicate with people we know only by nickname. Thanks to decentralized autonomous organizations (DAOs), there are organizations made up of anonymous members that manage assets worth hundreds of millions to billions of dollars. This is despite the fact that they have never physically met, don’t know their “official” names, and know that if there is a problem, they can’t go to court because they have no idea who is in which country. These relationships must therefore be set up in such a way as to prevent conflicts.

Encrypted communication tools, anonymization tools and cryptocurrencies make this cypherpunk vision real and thus increase the personal sovereignty of everyone who uses them. Punishment for opinions, dissemination of information or censorship become virtually impossible, even in non-democratic countries. We are still people who live in physical reality and have bodies, but much of our activity can be in the domain of the mind: in crypto-space, cypherspace.

Comparison of secure messengers can be found in part two of this article.

Skip to toolbar