The French Govt's Hand-Rolled Encrypted Messaging Service (Briefly) Allowed Anyone To Pretend They Were A Government Official

from the inauspicious-debut dept

Early last year, news leaked out that the French government was building its own encrypted messaging service. This seemed a bit disingenuous, given that the same government was routinely calling for backdoors in encryption for everyone else. The potential upside of the government rolling its own is that it would push government officials off third-party services and onto a platform where they might not be compromised along with everyone else if or when those privately-run platforms were hacked or backdoored.

The problem with rolling your own encryption is that it's a far more daunting task than those asking for it imagine, as Mike Masnick pointed out in last year's post.

However, doing encrypted messaging well is... difficult. It's the kind of thing that lots of people -- even experts -- get wrong. Rolling your own can often get messy, and you have to bet that a government rolling its own encryption for government officials to use is going to be a clear target for nation-state level hackers to try to break in. That's not to say it can't be done, but there are a lot of tradeoffs here, and I'm not sure that the best encryption is going to come from a government employee.

So far, this warning has proven true. The best encryption hasn't come from a government employee. At least, not yet. As Sean Gallagher writes for Ars Technica, the government's handmade messaging service, Tchap, has already been broken by a security researcher.

The name servers set up by the departments and ministries of the French government running Matrix's code were parsing email addresses submitted for new accounts to check against existing email addresses within their directory services. After doing code analysis on the Tchap package posted to Google's Play store, [researcher Baptiste] Robert used the Frida proxy tool to alter a Web request for a new account from the app to pass a crafted email address value that grafted his own address onto a known account on the targeted directory server—presidence@elysee.fr, the official email address of the Élysée, the official residence of France's president. The value sent to the server used an @ symbol to separate the two addresses (anaddress@protonmail.com@presidence@elysee.fr).

Because of the way the directory service validated the email address, it matched the address in the second half of the pair with the known address. But the code that parsed the address for the validation email on the server side, which was built with the Python email.utils module, trimmed off everything after the first valid address. That means Robert got an email back for verification of the account, and the server thought the address was an official government account.
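As an added illustration (not code from the article, Ars Technica or the Tchap project) of why the two halves of the crafted address were read differently, the snippet below contrasts an assumed loose domain-suffix check with a parse-once validator that rejects a double address and hands the same canonical value to both the directory lookup and the mailer. The allowlist and sample addresses are constructed for the example.

```python
import re
from email.utils import parseaddr
from typing import Optional

# Constructed values for this example (not real accounts or configuration).
ALLOWED_DOMAINS = {"elysee.fr"}
CRAFTED = "anaddress@protonmail.com@presidence@elysee.fr"  # shape quoted by Ars
LEGIT = "presidence@elysee.fr"


def weak_directory_check(raw: str) -> bool:
    """Assumed weak check: an allowlist applied as a loose suffix regex.
    It never pins the whole string to one mailbox, so anything ending in
    '@elysee.fr' passes, including the crafted double address."""
    pattern = "|".join(r".*@" + re.escape(d) + r"$" for d in ALLOWED_DOMAINS)
    return re.match(pattern, raw, re.IGNORECASE) is not None


def mailbox_for_verification(raw: str) -> str:
    """What the mailer side sees after email.utils.parseaddr.
    Older CPython returned the first addr-spec ('anaddress@protonmail.com');
    current CPython returns '' once it meets a second '@'. Either way the
    verification mail never goes to the mailbox the directory matched."""
    return parseaddr(raw)[1]


def strict_validate(raw: str) -> Optional[str]:
    """Hardened flow: parse once, canonicalize, require exactly one '@',
    and return the single value both the directory lookup and the mailer
    must use. Returns None when the input must be rejected."""
    addr = parseaddr(raw)[1]
    # Reject anything the parser rewrote (display names, trailing junk,
    # a second '@'): the string that is checked must be the string mailed.
    if not addr or addr != raw.strip() or addr.count("@") != 1:
        return None
    local, domain = addr.split("@")
    domain = domain.lower()
    if not local or domain not in ALLOWED_DOMAINS:
        return None
    return f"{local}@{domain}"
```

The defensive point is the last function: one parser, one canonical string, and the verification mail goes only to the value that passed the directory check.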

Not only was Robert able to get his faux account validated within two hours of downloading the app, he was also able to obtain plenty of info linked to other government account profiles. On the bright side, the team behind the app reacted quickly to notification of the security flaw and suspended account creation until it could be patched. The French government has also instituted a bug bounty program for Tchap, which will hopefully result in further flaws being addressed before they're exploited by criminals or state-sponsored hackers.

To be fair, Tchap is still in its "beta" stage. But that's not much comfort considering it was rolled out for use in this state, exposing government employees' personal account info and allowing any outsider to take a seat at the Tchap table just by exploiting the system's less-than-robust validation process.

Filed Under: encryption, france


Reader Comments



  • That One Guy (profile), 24 Apr 2019 @ 1:52am

    Sure could have used that sanity earlier...

    Not only was Robert able to get his faux account validated within two hours of downloading the app, he was also able to obtain plenty of info linked to other government account profiles. On the bright side, the team behind the app reacted quickly to notification of the security flaw and suspended account creation until it could be patched. The French government has also instituted a bug bounty program for Tchap, which will hopefully result in further flaws being addressed before they're exploited by criminals or state-sponsored hackers.

    Of all the things they chose to have a sane response to... well, given it's their (hypocritical) security we're talking about I suppose pure self-interest was enough for them to put a pause on the collective cranial-rectal-examination they've been engaged in the last few years, though I'm not holding my breath that it'll last.


  • Seegras (profile), 24 Apr 2019 @ 5:04am

    Account Holders

    And here's a list of account holders that have themselves made an account by subverting someone within the French government:
    https://en.wikipedia.org/wiki/List_of_intelligence_agencies

    Please note: the "French public" is not among them.


  • Anonymous Coward, 24 Apr 2019 @ 6:04am

    As so often happens, governments get involved in something they know very little about and screw it up! And make no mistake about it, this has nothing to do with stopping messaging apps etc. and people passing messages on to whoever, but everything to do with stopping those messages from containing damning information about the government officials, politicians and all their 'mega-rich, 1% friends' both in and out of industry!!


  • Anonymous Coward, 24 Apr 2019 @ 6:26am

    The potential upside of the government rolling its own is that everyone else can nerd softer


  • Federico (profile), 24 Apr 2019 @ 7:12am

    Free software is the point

    The French state is paying for the development of Matrix applications and server-side software, plus the installation and running costs of dozens of Matrix servers, to be connected with various external messaging services.
    https://fosdem.org/2019/schedule/event/matrix_french_state/

    This is unquestionably a good thing. For once, France is paying for something which goes into the commons and will benefit everyone else (if they want to use it). They forked the existing software (Riot.im etc.) and improved it in ways which can be useful for others too.

    Someone inspected the software, reported a bug and got it fixed within hours: I say that was the point entirely! Sure, they could have put out some bug bounties before opening it up for "everyone".

    But of course building your own chat servers is not a way to have ultra-secure messaging for the secret service; it's just a harm reduction exercise for the millions of public employees who currently feel "forced" to use WhatsApp or whatever to communicate with citizens, with the result that they are subjected to infinite and unchecked surveillance by private companies.


    • Anonymous Coward, 24 Apr 2019 @ 8:11am

      Re: Free software is the point

      This is unquestionably a good thing.

      And who controls the certs or private/public keys used for encryption/decryption?


    • Anonymous Coward, 24 Apr 2019 @ 8:26am

      Re: Free software is the point

      The French State is not paying for anything. The taxpayers are paying for it.


      • Thad (profile), 24 Apr 2019 @ 10:00am

        Re: Re: Free software is the point

        Yes, when someone says a government is paying for something, that means that the money is coming from people who pay taxes to that government. That's what taxes are. They're money that people pay to the government that the government then uses to pay for things.


  • Anonymous Coward, 24 Apr 2019 @ 9:50am

    Not an encryption break

    The best encryption hasn't come from a government employee. At least, not yet.

    That's misleading. The broken part had nothing to do with encryption. It was based on sending an unencrypted message to... somewhere, possibly outside the government. Whoever receives it first gets access.

    Had they verified using something standard like Kerberos, which more organizations are already using, they'd have been fine (...provided they didn't take the word of a non-government authentication server).


  • TDR, 24 Apr 2019 @ 10:56am

    I wonder, are Neo and Morpheus among the Matrix hackers on that team?


  • Canuck, 24 Apr 2019 @ 1:27pm

    Retarded coders

    Gawd, what a bunch of idiots. Can't even parse/verify/reject email addresses correctly. Sounds about right - government coders here can't figure out how to display latitude/longitude to less than eight decimal places. Here's a real example: 46.54111111, -84.32555556. That's right, apparent millimeter or better accuracy from consumer GPSrs...

    The losers don't understand what happens when you use floating point storage for data that has no business being converted to floats. Gorram retards everywhere.


    • Anonymous Coward, 24 Apr 2019 @ 2:11pm

      Re: Retarded coders

      Can't even parse/verify/reject email addresses correctly. Sounds about right - government coders

      It's actually kind of hard (1)(2). RFC3696 gives some advice, but one should first consider whether email address validation is the correct way to solve this problem. People could play games with mailing lists, different addresses that go to the same place, etc.; addresses could be reassigned; and anyway, why should email be the best way to check whether someone is a government employee? Isn't there an employee directory, maybe a public key system, that could be used?

      If one government employee can't tell whether another person is an employee, there are going to be problems.


