(Update: I no longer recommend Whatsapp. I now recommend Signal. See blog article.)
The messaging app that you should be using is Whatsapp. Drop the other messaging apps that you have been using, and switch to Whatsapp. Urge your messaging pals to migrate to Whatsapp. Why? Because it uses end-to-end encryption and Perfect Forward Secrecy. I will explain why this is so important.
The Snowdon revelations remind us that nearly all forms of communication pass in unecrypted form through routers and servers and data links where ne’er-do-wells and government agencies could intercept them. We as practitioners representing clients need to think about this.
A first question might be, why do I need a messaging app at all? A person might say, I can accomplish what I need through the text messaging that is provided by my telephone carrier. This point of view is completely mistaken, on many levels. First, even if you have a carrier messaging plan for “unlimited messages”, your correspondent may not have such a plan. You may be forcing your correspondent to pay 25¢ per message to receive your messages. Worse, if your correspondent is in some other country, you may be forcing them to pay as much as $1 per message. And a text message is rather like a post card, freely viewable at many points between sender and receiver.
In contrast, a messaging app avoids the expense (for sender and receiver) of a phone company message. On your data plan the text message sent through a messaging app probably costs one-thousandth of a cent. And messaging apps are much more versatile. With one or two clicks you can forward an address book contact, a web URL, a photograph, a video recording, a voice message, or your map location. You can even conduct a VOIP (voice over IP) telephone call. The popular messaging apps all have web-based interfaces which permit these activities to be carried out from your desktop or notebook computer as well. Not only that, you can easily transfer large data files from computer to computer using the web-based messaging apps.
Importantly, that bloated Powerpoint file that is so big that you can’t send it by email, you can effortlessly send with one or two clicks through a messaging app.
Which brings us to the point of today’s posting. The point of today’s posting is that the messaging apps differ from one to the next in the nature of the security (the encryption) that is employed. What most of these messaging apps have in common is that they encrypt a message only between the user and the service provider. But at various points between sender and receiver, the message is “in the clear”. The computer file, the photograph, the video recording, the voice message, the VOIP telephone call, all are “in the clear” at at least one or two points along the way from sender to receiver.
Ordinary wireless telephone calls placed using your wireless phone are likewise passed “in the clear” at multiple points.
In contrast, Whatsapp encrypts “end to end”. The sender and the receiver establish a connection using an encryption key known only to them. The service provider does not know the encryption key. If a government agency were to try to pressure the service provider into handing over a decrypted message, the service provider would be able to say, truthfully, that it does not possess the encryption key and so cannot decrypt the message. Likewise a rogue employee within the service provider would not be able to see the plain text of any message.
The designers of the encryption system for Whatsapp did another smart thing, a thing that all system designers should do (but that many fail to do). The Whatsapp designers designed the encryption system to provide what is called “Perfect Forward Secrecy“. PFS means that for any particular message, the sender and receiver use an encryption key only once. After the sender and receiver have finished their communications, they each discard the encryption key and do not use it again.
PFS is very much a common-sense concept. If a sender and receiver were to use the same encryption key for lots of messages, this would provide to an eavesdropper a large body of encrypted text that had been encrypted with that key. It is well known that a codebreaker has a much better chance of breaking the encryption (figuring out the encryption key) if the codebreaker has a large body of material that had been encrypted with that encryption key.
Some system designers get this wrong. They use the same encryption key for all sessions with a particular correspondent, and, even worse, some use the same encryption key for all correspondents. In the latter case, the body of encrypted text available for codebreaking analysis can be enormous. Importantly, once the eavesdropper has figured out the decryption key, the eavesdropper may now go back through months or perhaps years’ worth of previously intercepted messages and decrypt all of them.
With PFS, the body of encrypted text for which a particular encryption key was employed is small — limited to the size of one data file or recording or message. This makes codebreaking difficult. And even if an eavesdropper breaks the code, this only gives access to this one message. The accomplishment is of no help in decrypting past messages.
So you can guess where this part of the discussion is going. The designers of Whatsapp not only provide end-to-end encryption, but also provide Perfect Forward Secrecy.
(I have previously blogged that USPTO fails to provide PFS in many of its e-commerce systems.)
You can see a white paper in which the Whatsapp system designers provide a nicely detailed discussion of the implementation of the PFS and end-to-end encryption aspects of Whatsapp.
Whatsapp thus provides extremely secure communications. The communications are extremely unlikely to be successfully decrypted by any third party. The security and privacy benefits of Whatsapp offer themselves to international travelers. And let’s remind ourselves of the types of communications that are provided in this secure and private way … voice calls, text messages and voice messages … secure and private transfer of computer files and video recordings. Very large files (files that are so big that they cannot be sent in email attachments) can be sent with just one or two mouse clicks. All protected with end-to-end encryption and PFS.
These benefits offer themselves regardless of how you connect to the Internet. You could use an insecure wifi connection at a coffee shop or hotel lobby and still all of these communications are as secure as if you were using your VPN to connect.
Even with use of Whatsapp, it should be realized that an eavesdropper can still attempt “traffic analysis”. Depending on the servers and routers to which an eavesdropper is able to gain access, the eavesdropper could learn the identity of the sender and receiver, and the types and sizes of messages and files being exchanged.
Traffic analysis notwithstanding, Whatsapp offers a way to communicate more securely than almost any other means of communication. Much more secure than most wireless phone calls or text messages. Much more secure than most email messages. Much more secure than most “drop box” ways of transferring large data files.
So indeed I encourage readers to adopt Whatsapp. I encourage readers who presently use a messaging app other than Whatsapp to migrate themselves and their correspondents to Whatsapp. Readers who until now have used only wireless carrier text messages, I encourage you to learn to use a messaging app, namely Whatsapp. And once you learn to use Whatsapp on your smart phone, I encourage you to take the next step and learn to use the web-based version of Whatsapp that you can use on your notebook computer.