What are the features of a secure and private communication service

What are the features of a secure and private communication service

fpoi.org

Last update: February 21, 2024

Español - Italiano

Introduction

This article analyses the security and confidentiality features of the most commonly used communication services or applications.

Note: the comparison is made between WhatsApp (the most widespread 2 billion users), Telegram (the most secure and widespread 500 million users), Signal and Wire (the most secure and confidential). A comparison in terms of functionality is available at this address.

Remark: for any communication service or application, absolute security and confidentiality do not exist. In fact, the use of secure and confidential communication techniques and protocols does not guarantee the absence of defects or bugs in their implementation. Moreover, any service or application requires trust in the service managers and in the following aspects:

  • Design and implementation of a secure service;
  • Absence of security and backdoor vulnerabilities;
  • Presence of source code and possibility to verify the correspondence between it and the application;
  • No changes to the application by the source from which it was downloaded;
  • No incentive or reason not to protect user data;
  • No will or impossibility to deliver user data to the authorities.

Index

Communication technique

  • End-to-end or e2e encryption: encryption protection allows data to be read only by users who are communicating. In theory, no third party can read or alter data that is only stored in devices. Note: the use of this type of encryption still requires the presence of a server to deliver data (messages, images, audio, video, files, etc.). Application: Signal, Telegram (secret chats and audio/video calls), WhatsApp, Wire.
  • Client-server or cloud encryption: cryptographic protection allows data to be read by the managers of the server where it is stored. Application: Telegram (private, group and voice chats, channels).
  • No encryption: no cryptographic protection. The data is transmitted unencrypted over the Internet.

Analysis: in theory, e2e encryption does not require any trust in the server that cannot read the data unlike client-server encryption. In practice, e2e encryption, if it is Trust On First Use (TOFU), suffers from the MITM threat. Communication between users is only secure if it is possible to verify the fingerprints of the encryption keys (fingerprint) of the devices used. The verification allows you to ascertain the identity of your interlocutors and requires a secure channel (meeting in person). If not verified, e2e encryption requires trust in the server. In addition, in e2e encryption, adding a new device to the device group or installing the application again on the same device requires re-verification.

Signal and Wire notify the change in the encryption keys and require confirmation from the user to continue the communication. WhatsApp have this notification disabled by default and does not require any confirmation. WhatsApp provides the possibility to automatically verify encryption keys through a key transparency mechanism that mitigates, but does not solve the problem. Telegram closes the secret chat if the encryption key is changed (this is not possible for other applications as they have no alternative to e2e chats). In addition, Telegram in audio/video calls shows the encryption key using emoji easily verifiable. Note: Signal, Wire, Whatsapp and Telegram secret chats are TOFU. 

Conclusion: e2e encryption is always preferable to client-server encryption as long as you can verify the identity of your partners. Otherwise, e2e encryption loses its effectiveness and remains susceptible to MITM attacks.

Communication protocol

Analysis: a communication protocol must be open to allow formal verification of both the functioning and the cryptographic and hashing primitives used in order to exclude the presence of vulnerabilities. At the moment, communication protocols fully protect with e2e encryption only one-to-one communications (chats and audio/video calls) and not group communications (chats and conferences). Note: in cryptography, the design of a new communication protocol, instead of using a tested one, is considered a bad practice especially if carried out by a non cryptographer. Although this statement is acceptable, there is no evidence of its validity.

The Signal protocol, formerly known as TextSecure protocol, was born in 2013 from the Open Whisper Systems project that became Signal Messenger in 2018. The protocol is considered the state of the art for communication applications; in fact, the majority of them both open source (Signal, Wire) and closed source (Facebook Messenger, Skype, WhatsApp) use it. The MTProto protocol was born in 2013 from the Telegram project. Version v1.0 has received strong criticism from cryptographic experts because of some design defects (use of the hashing primitive SHA1 and the absence of the IND-CCA criterion) corrected with version v2.0 released in 2017. For both versions, there are no known vulnerabilities and crack contests have been made without winners. Note: Signal and MTProto protocols have been compared often in the past: the former has always been preferred to the latter (version v1.0) by encryption experts due to its design choices and the fame of its developer (Signal vs. Telegram). Finally, Wire supports the federation and is actively participating in the development of the new Messaging Layer Security (MLS) communication protocol of the IETF.

Conclusion: openness of specifications and formal correctness are two fundamental requirements for any communication service.

Software license

  • Open source or free: client and server source codes are available and anyone with sufficient expertise can analyze them. Generally, the source code is released on GitHub. Application: Signal (client and server), Wire (client and server).
  • Semi-open source: only the client source code is available while the server code is closed. The application binary (client) is not obfuscated. Generally, the source code is released on GitHub. Application: Telegram (client).
  • Closed source or proprietary: client and server source codes are not available. Generally, the binary of the application (client) is obfuscated to make it difficult, if not impossible, for third parties to analyze it. Application: WhatsApp (client and server).

Analysis: in cryptography, the Kerckhoffs's principle states that the security of a cryptographic system must not depend on the secrecy of the cryptographic algorithm, but only on the secrecy of the encryption key. This principle requires the availability of the source code to allow analysis by third parties. Any communication service is transparent if and only if the implementation details are known or if it is open source. Note: security through obscurity is an opposite principle to that of Kerckhoffs and considered weak by modern cryptography.

Signal and Wire are completely open and therefore transparent and can be analyzed by third parties. In addition, Signal allows you to verify the absence of changes to the Android application from the source from which it was downloaded. However, at the moment, only Wire provides a free version (without proprietary software) on the FOSS F-Droid catalogue (Signal). Telegram is open on the client side and has a free version on the FOSS F-Droid catalogue. Moreover, Telegram allows you to verify the absence of changes to Android and iOS applications from the sources from which they were downloaded. The clients are transparent and can be analysed by third parties while the server is closed and requires trust in the developer of the service Telegram. In addition, Telegram is part of a project known as The Open Network (TON) which plans for the opening of the source code of the server by 2021 [1]. WhatsApp is completely closed, the binary published in the catalogs (PlayStore and AppStore) is obfuscated and does not allow any analysis. As a result, maximum confidence in the developer of the service Facebook is required.

Conclusion: the opening of the source code is a fundamental requirement for any service, especially for a communication service.

Data storage

  • Locally: data is stored locally on your device. You don't need to trust third parties because the data never leaves your device. Saving is not intuitive, slow and takes up space on the device. Application: Signal, Wire.
  • In the cloud on your own servers: data is stored with cloud encryption in the servers of the service managers. Saving is intuitive, fast and doesn't take up space on the device, but requires trust in the communication service managers. Application: Telegram.
  • In the cloud on third-party servers: data is stored with cloud encryption on third parties servers. Saving is intuitive, slow, takes up space in the device, but above all requires double trust in the communication service provider and the cloud space provider. Application: WhatsApp.

Analysis: local data storage requires no trust, while cloud storage requires single and double trust in the servers. However, saving data locally must be done manually, requiring time and (minimal) technical knowledge. Almost all (95%) of the users are unwilling or unable to use this solution. Consequently, saving data in the cloud is the compromise to be accepted in favor of speed and ease of use and at the expense of confidentiality.

Signal and Wire allow only manual and locally encrypted data storage. Telegram stores data automatically and with cloud encryption on its servers and requires trust in the developer of the service Telegram. In addition, Telegram plans to store data in the decentralized network of the project known as The Open Network (TON) by 2021 [1]. WhatsApp stores the data automatically (after the first configuration) and with cloud encryption via Google Drive or iCloud and requires the utmost trust in the developer of the Facebook service and in the cloud operator Google or Apple (optional e2e encryption). In particular, multimedia data (images, audio, video and files) are in clear text while messages, contacts, stickers and settings are encrypted (cryptographic primitive AES-256) and Facebook has the encryption key. In addition, WhatsApp provides the option, disabled by default, to protect data storage with e2e encryption by removing trust in the cloud operator Google or Apple. Note: Telegram and Wire allow you to delete sent data for an unlimited period of time (Telegram also provides the same functionality for data received). WhatsApp and Signal allow deletion of all sent data within 48 hours and 3 hours respectively. Note: Signal, Wire, Whatsapp and Telegram allow you to send timed messages in private and group chats.

Conclusion: saving data locally is the only solution that provides the confidentiality of the communication.

Registration and authentication methods

  • E-mail: registration for the service is via an e-mail address. The method ensures greater security with less immediacy. Application: Wire.
  • Telephone number: registration for the service is via a telephone number. The method is immediate, but insecure due to known vulnerabilities. Application: Signal, Telegram, WhatsApp, Wire.
  • 2-factor authentication (2FA): uses two individual authentication methods together (PIN, password, token, biometrics, etc.). The 2FA improves security by introducing the need for two authentication methods instead of one. Application: Telegram, WhatsApp.

Analysis: registration via e-mail is secure and confidential: the first derives from the absence of unresolved vulnerabilities while the second is linked to the possibility of using anonymous e-mail services. Telephone number registration suffers from known vulnerabilities of the SMS service and should be avoided. The 2FA allows to eliminate the weaknesses of telephone number registration and to increase the security of e-mail registration; for these reasons it is recommended to enable it when available. Note: adding a new device or a previously used device requires a new registration or authentication.

Signal and WhatsApp only allow you to register for the service using a telephone number. Telegram, in addition to the telephone number, allows registration for the service using an anonymous number via the project known as The Open Network (TON). Telegram and WhatsApp provide the ability to enter, respectively, a 6-digit PIN and a password and retrieve them through an email address. Signal provides the ability to lock registration with a PIN, but the lock expires after 7 days of inactivity. Wire allows you to register for the service using both an email address and a phone number, but does not provide any 2FA. Wire and Telegram inform the user of the presence of a new device through a notification in the application installed in other previously added devices (Wire also sends an e-mail message if it has been used as a registration method).

Conclusion: e-mail is always preferable to telephone number as a method of registration. Where not available, 2FA must be activated.

Contacts management mode

  • Username: a user is identified by his username. This mode provides greater confidentiality with less immediacy. Application: Signal, Telegram, Wire.
  • Phone number: a user is identified by his phone number. This mode provides immediacy at the expense of lack of confidentiality. Application: Signal, Telegram, WhatsApp, Wire.

Analysis: the use of username is confidential because it does not require knowledge of the telephone numbers of users. In addition, the username allows you not to have to upload your phone book on the servers of the service providers. The phone number is personal data that should never be disclosed to the public.

WhatsApp does not provide usernames and requires you to upload your address book to its servers so that users can contact you via your phone number. Signal, Telegram and Wire provide the username and users can contact each other without necessarily uploading their address book on their servers and sharing their phone number (including the e-mail address for Wire). Moreover, Signal e Wire, in case of address book upload, protect the contacts and make them unreadable from the server. Telegram, unlike Whatsapp, allows you to show your phone number only to contacts who already have it, protecting users from the authorities of oppressive regimes.

Conclusion: the username is always preferable to the telephone number as a method of contact.  

Business model

  • Donations: the service provided is free and made possible by donations from third parties (users, agency, companies, etc.). Generally, this model is used by foundations and non-profit organizations. No advertising or user profiling. Application: Signal, Telegram.
  • Additional paid features: the service provided is free for basic features and paid for additional features. Paying users allow to provide the free service for basic users. No advertising and user profiling. Application: Wire.
  • User data: the service provided is apparently free, but in reality the payment is the user data. Presence of advertising and user profiling. Application: WhatsApp.

Analysis: an unclear business model or a seemingly free service mean that payment is the data or the life of the users. In general, it is preferable to pay for a service with a subscription or by donation and be certain of its genuineness than to have it for free without any certainty. Note: generally, foundations and non-profit organizations use a .org domain (Signal and Telegram) while for-profit companies use a .com domain (WhatsApp and Wire).

Signal Messenger, as of 2018, is a LLC company supported by a non-profit foundation whose funds come from a donation by the co-founder of WhatsApp who was forced to abandon his original project due to differences with the management. Previously, Signal was funded by the US government. WhatsApp is a LLC company and, as of 2014, is owned by Facebook, a publicly traded U.S. company whose profits are 98% derived from advertising. Wire is a European GmbH company whose profit is linked to subscriptions for companies and users with advanced features. Telegram is a FZ-LLC company whose funds come from the donations of its co-founder. Telegram plans to become a non-profit foundation from 2021 being part of the project known as The Open Network (TON) [1].

Conclusion: a transparent business model is a fundamental requirement for any service, especially for a communication service.

Censorship resistance

  • Comprehensive: the service supports freedom of speech and counteracts the control and limitation of communication by the authorities. The registered offices and servers of the service are located in states where the law on the disclosure of cryptographic keys does not apply. Application: Telegram, Wire.
  • Partial: the service supports freedom of speech and counteracts the control and limitation of communication by the authorities. The registered offices and servers of the service are located in states where the law on the disclosure of cryptographic keys is applied. Application: Signal.
  • None: the service cooperates in the control and limitation of communication by the authorities. The registered offices and servers of the service are located in countries where the law on the disclosure of cryptographic keys is applied. Application: WhatsApp.

Analysis: freedom of speech and confidentiality are two fundamental rights of users that must be guaranteed by a communication service. In general, these rights should take precedence over requests from government authorities and a communications service should be able to operate in the presence of blockages and censorships imposed by these authorities.

Telegram supports freedom of speech and opposes censorship. Moreover, it has never given data to third parties including government authorities and has therefore been blocked in Iran, China, Pakistan and many other countries while continuing to operate through the use of proxies (excluding China). The operational headquarters is in Dubai while the servers are geographically distributed throughout the world in various jurisdictions to protect the data from interference by government authorities. Telegram is part of a project known as The Open Network (TON) which plans for the creation of a decentralized anti censorship network, parallel to the Internet, with integrated proxy and VPN services by 2021 [1]. Wire supports freedom of speech and has never passed on data to third parties. The operational headquarters is in Switzerland, while the servers are under the jurisdiction of the EU. Signal supports freedom of speech and opposes censorship. In addition, Signal has never transferred data to third parties and has therefore been blocked in Egypt, Qatar, United Arab Emirates, Iran, China and other countries. The operational headquarters and servers are under the jurisdiction of the United States. WhatsApp does not support freedom of speech and cooperates in the control and limitation of communication by the authorities. The operational headquarters and servers are under the jurisdiction of the United States. Note: Signal and Telegram used the domain fronting technique to bypass blockages imposed by some states until Google and Amazon stopped their support.

Conclusion: resistance to censorship is a fundamental requirement for any communication service.

Metadata collection

Report content on this page

Report Page

Please submit your DMCA takedown request to dmca@telegram.org