Facebook has open-sourced encrypted group chat

Governments hate encrypted chat tools on social media, so brace for outrage in 3 ... 2 ...


Updated Facebook has responded to governments' criticism of cryptography by giving the world an open source encrypted group chat tool.

It's hardly likely to endear the ad-farm to people like FBI Director Christopher Wray, who yesterday told an international infosec conference it was “ridiculous” that the Feds have seized nearly 8,000 phones they can't access. UK prime minister Theresa May has also called for backdoors in messaging services and for social networks to stop offering "safe spaces" for extremists.

Facebook's latest project, which went live on GitHub yesterday, tackles the problem of protecting group chat. ART, Asynchronous Ratcheting Tree, was created by Facebook's Jon Millican and Oxford University's Katriel Cohn-Gordon, Cas Cremers, Luke Garratt and Kevin Milner.

As the group explains in a December paper* [PDF] about ART at the International Association for Cryptologic Research (IACR) pre-press site, existing chat solutions are great between individuals but not so good at protecting group chats.

In group chats, the paper said, “WhatsApp, Facebook Messenger and the Signal app … use a simpler key-transport mechanism ('sender keys') which does not achieve PCS” (that's post-compromise security: if Alice realises a conversation is compromised, the system has a means to re-establish secure communications).

The shortcomings of those apps, the group wrote, mean that if someone hacks one member of a group, they can “indefinitely and passively read future communications in that group … In practice this means that in these apps, if a third party is added to a two-party communication, the security of the communication is decreased without informing the users.”

To protect group chats, ART “derives a group key for a set of agents” that's secure even if some members aren't online, and “even after total compromise, an agent can participate in a secure group key exchange.”

The ART scheme sets up conversations using what the paper calls “asymmetric prekeys” (a model created by Moxie Marlinspike for TextSecure) and a one-time asymmetric setup key. The Diffie-Hellman setup key is generated by the creator of a group chat, and is only used during session creation, allowing the group leader to create secret “leaf keys” for other group members while they're offline.

To add PCS to this, Alice needs a way to replace a leaf key if hers is compromised, and other group members need to be able to get the new key.

To get a new leaf key, Alice “computes the new public keys at all nodes along the path from her leaf to the tree root, and broadcasts to the group her public leaf key together with these public keys.”

The protocol then lets other group members compute the updated group key, “again without requiring any two group members to be online at the same time”.
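The leaf-key update described above, sketched as an added example (this is not Facebook's published code). It assumes a four-member complete binary tree, a toy modular Diffie-Hellman group in place of a real curve, and SHA-256 as the mapping from a DH output to a parent node's secret; all function names are hypothetical.

```python
import hashlib

# Toy Diffie-Hellman group, constructed for this example; not a secure choice.
P = 2**127 - 1
G = 3

def pub(sk):
    return pow(G, sk, P)

def iota(elem):
    # Assumed stand-in for mapping a DH output to the parent node's secret.
    return int.from_bytes(hashlib.sha256(str(elem).encode()).digest(), "big") % (P - 1)

def build(leaf_sks):
    # levels[0] holds the leaf secrets, levels[-1][0] is the root secret.
    levels = [list(leaf_sks)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([iota(pow(pub(cur[k + 1]), cur[k], P)) for k in range(0, len(cur), 2)])
    return levels

def copath(levels, j):
    # Public keys of the sibling nodes along member j's path to the root.
    return [pub(levels[l][(j >> l) ^ 1]) for l in range(len(levels) - 1)]

def root_from(leaf_sk, copath_pubs):
    # A member needs only its own leaf secret plus the public copath keys.
    sk = leaf_sk
    for sibling_pub in copath_pubs:
        sk = iota(pow(sibling_pub, sk, P))
    return sk

def path_update(new_leaf_sk, copath_pubs):
    # Updater: fresh leaf, then new public keys for each node on its path below the root.
    sk, path_pubs = new_leaf_sk, []
    for sibling_pub in copath_pubs:
        path_pubs.append(pub(sk))
        sk = iota(pow(sibling_pub, sk, P))
    return sk, path_pubs

def apply_update(j, i, copath_pubs, path_pubs):
    # Receiver j replaces the single copath entry that lies on updater i's path.
    return [path_pubs[l] if (j >> l) ^ 1 == i >> l else c for l, c in enumerate(copath_pubs)]

def demo():
    leaves = [11, 22, 33, 44]  # constructed leaf secrets; Alice is member 0
    levels = build(leaves)
    old_root = levels[-1][0]
    new_root, broadcast = path_update(99, copath(levels, 0))
    others = [root_from(leaves[j], apply_update(j, 0, copath(levels, j), broadcast)) for j in (1, 2, 3)]
    stale = root_from(leaves[0], copath(levels, 0))  # what Alice's old leaf key still yields
    return old_root, new_root, others, stale
```

The root secret stands in for the group key here. After the update, every other member reaches the new root from the broadcast public keys alone, while Alice's old leaf secret only reproduces the old root.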

The implementation Facebook published is offered under a Creative Commons license. ®

*Bootnote: There's no significance whatever to the IACR paper's filename being "666.pdf", we're sure you'll agree.

Update: Here's one possible reason Facebook got to work on multi-party chat encryption: last July, a group of German researchers published their analysis of WhatsApp, Signal, and Threema group chat security.

This paper, first posted in July 2017, didn't attract media attention at the time. However, its language closely mirrors the problem statement Facebook put forward – including the lack of Future Secrecy when private messaging is used for groups.

The older paper was updated earlier this month to add a reference to the Facebook ART paper.
