Slashdot Mirror

← Back to Stories (view on slashdot.org)

CyanogenMod Integrates Text Message Encryption

Posted by Unknown on from the only-criminals-text-with-aes dept.

sfcrazy writes "People are now more concerned regarding their privacy after discovering about efforts made by governments to spy on their communications. The most practical solution to keep messages, emails and calls secure is to use a cryptographic encryption mechanism. However, just like the name of the method, the installation process is complex for most users. To solve this, CyanogenMod will come equipped with built in encryption system for text messages." Whisper System has integrated their TextSecure protocol into the SMS/MMS provider, so even third party sms apps benefit. Better yet, it's Free Software, licensed under the GPLv3+. Support will debut in Cyanogenmod 11, but you can grab a 10.2 nightly build to try it out now.

1 of 118 comments (clear)

  1. How keys are managed by Fnord666 · · Score: 4, Informative
    From the Open WhisperSystems Blog:

    The TextSecure Protocol

    TextSecure's upcoming iOS client (and Android data channel client) uses a simple trick to provide asynchronous messaging while simultaneously providing forward secrecy.

    At registration time, the TextSecure client preemptively generates 100 signed key exchange messages and sends them to the server. We call these "prekeys". A client that wishes to send a secure message to a user for the first time can now:

    Connect to the server and request the destination's next "prekey."
    Generate its own key exchange message half.
    Calculate a shared secret with the prekey it received and its own key exchange half.
    Use the shared secret to encrypt the message.
    Package up the prekey id, the locally generated key exchange message, and the ciphertext.
    Send it all in one bundle to the destination client.

    The user experience for the sender is ideal: they type a message, hit send, and an encrypted message is immediately sent.

    The destination client receives all of this as a single push notification. When the user taps it, the client has everything it needs to calculate the key exchange on its end, immediately decrypt the ciphertext, and display the message.

    With the initial key exchange out of the way, both parties can then continue communicating with an OTR-style protocol as usual. Since the server never hands out the same prekey twice (and the client would never accept the same prekey twice), we are able to provide forward secrecy in a fully asynchronous environment.

    --
    'The tyrant will always find pretext for his tyranny.' - Aesop's Fables