Facebook Experiments With End To End Encryption In Messenger
from the good-to-see dept
This has been rumored before, and perhaps isn’t a huge surprise due to Whatsapp’s use of end to end encryption, but Facebook has launched a trial of end to end encryption in Facebook messenger, under a program it’s calling “Secret Conversations” (which also allows for expiring conversations).
It?s encrypted messages, end-to-end, so that in theory no one?not a snoop on your local network, not an FBI agent with a warrant, not even Facebook itself?can intercept them. For now, the feature will be available only to a small percentage of users for testing; everyone with Facebook Messenger gets it later this summer or in early fall.
What’s good to see is that Facebook is directly admitting that offering end to end encryption is a necessary feature if you’re in the messaging business today.
?It?s table stakes in the industry now for messaging apps to offer this to people,? says Messenger product manager Tony Leach. ?We wanted to make sure we?re doing what we can to make messaging private and secure.?
This is a good sign. For years, tech companies more or less pooh-poohed requests for encryption, basically suggesting it was only tinfoil hat wearing paranoids who really wanted such things. But now they’re definitely coming around (something you can almost certainly thank Ed Snowden for inspiring). And, not surprisingly, Facebook is using the Signal protocol, which is quickly becoming the de facto standard for end to end encrypted messaging. It’s open source, well-known and well-tested, which doesn’t mean it’s perfect (nothing is!), but it’s at least not going to have massively obvious encryption errors that pop up when people try to roll out their own.
Some security folks have been complaining, though, that Facebook decided to make this “opt-in” rather than default. This same complaint cropped up recently when Google announced that end to end encryption would be an “option” on its new Allo messaging app. Some security folks argue — perhaps reasonably — that being optional rather than default almost certainly means that it won’t get enough usage, and some users may be fooled into thinking messages are encrypted when they are not.
Facebook’s Chief Security Officer, Alex Stamos (who knows his shit on these things) took to Twitter (not Facebook?) to explain why its optional, and makes a fairly compelling set of arguments (which also suggest that there’s a chance that end to end encryption will eventually move towards default). A big part of it is that because of the way end to end encryption works (mainly the need to store your key on your local device) that makes it quite difficult to deploy on a system, like Facebook Messenger, that people use from a variety of interfaces. Moxie Marlinspike, the driving force behind Signal has already pointed out that Signal protocol does support multi-device, so hopefully Facebook will figure it out eventually. But in the short term, it would definitely change the way people use Messenger, and it’s at least somewhat understandable that Facebook would be moderately cautious in deploying a change like this that would end up removing some features, and potentially confusing/upsetting many users of the service. Over time, hopefully, end to end encryption can be simplified and rolled out further.
As some cryptogrphers have noted, this is a good start for a company with hundreds of millions of users on an existing platform in moving them towards encryption. A ground up solution probably should have end to end enabled by default, but for a massive platform making the shift, this is a good start and a good move to protect our privacy and security.
Anyway, anyone have the count down clock running on how long until someone from the FBI or Congress whines about Facebook doing this?
Filed Under: encryption, end-to-end encryption, messenger, signal protocol
Companies: facebook
Comments on “Facebook Experiments With End To End Encryption In Messenger”
Facebook still gets metadata. Would not touch with 10000′ pole, and neither should anyone else who actually cares about their privacy.
If anything, this is just going to give Facebook the data they need (which will likely be shared with all interested government agencies) to figure out who to watch more closely by profiling the types and groups of people who use the ‘secret’ functionality most often.
Do you actually trust facebook to not give up keys to a government entity?
Re: Re:
If it’s truly end-to-end then Facebook has no keys to give up.
Re: Re: Re:
There is the small matter of key exchange, which applies to any public key system, how do you validate that the keys you are using belong to the people you are communicating with, rather than a man in the middle who is relaying your messages. Similarly, if some server outside your control is storing the keys you use, how do you know that you are always getting the key of the person you are communicating with.
It does not matter how secure the encryption is if you cannot confirm by some reliable means whose keys you are actually using. As ever convenience is the enemy of security.
Re: Re: Re: Re:
“how do you validate that the keys you are using belong to the people you are communicating with, rather than a man in the middle who is relaying your messages.”
PKE has mechanisms to handle that.
“Similarly, if some server outside your control is storing the keys you use, how do you know that you are always getting the key of the person you are communicating with.”
In a true end-to-end crypto system, no server outside your control is storing your private key.
Under Supervision
The article forgot to mention that the end to end encryption is under the supervision of the FBI.
Key echange is the hard part
Indeed, this is the hardest part in creating usable cryptography. And there are always trade-offs.
At one side there is the pre-exchanged keys. It’s secure and private but doesn’t scale.
Then came the CA’s. They attest which key belongs to whom. This is reasonble secure but leaks metadata, lacks deniability. And there is the issue of: who does this identity belong to?
Now we have Facebook, Apple, Google et al tying keys to phone numbers. Again, leaks metadata and lacks deniability.
Now the question is: can they replace one key for another without detection?
And there is my eccentric authentication, a different way to exchange public keys and identities online. Check out eccentric-authentication.org.
Countdown clock starting in 3 – 2- 1 – NOW…..