
Facebook has open-sourced encrypted group chat

Governments hate encrypted chat tools on social media, so brace for outrage in 3 ... 2 ...


Updated Facebook has responded to governments' criticism of cryptography by giving the world an open source encrypted group chat tool.

It's hardly likely to endear the ad-farm to people like FBI Director Christopher Wray, who yesterday told an international infosec conference it was “ridiculous” that the Feds have seized nearly 8,000 phones they can't access. UK prime minister Theresa May has also called for backdoors in messaging services and for social networks to stop offering "safe spaces" for extremists.

Facebook's latest project, which went live on GitHub yesterday, tackles the problem of protecting group chat. ART, Asynchronous Ratcheting Tree, was created by Facebook's Jon Millican and Oxford University's Katriel Cohn-Gordon, Cas Cremers, Luke Garratt and Kevin Milner.

As the group explains in a December paper* [PDF] about ART at the International Association for Cryptologic Research (IACR) pre-press site, existing chat solutions are great between individuals but not so good at protecting group chats.

In group chats, the paper said, “WhatsApp, Facebook Messenger and the Signal app … use a simpler key-transport mechanism ('sender keys') which does not achieve PCS” – that's post-compromise security (if Alice realises a conversation is compromised, the system has a means to re-establish secure communications).

The shortcomings of those apps, the group wrote, mean if someone hacks one member of a group, they can “indefinitely and passively read future communications in that group … In practice this means that in these apps, if a third party is added to a two-party communication, the security of the communication is decreased without informing the users.”

To protect group chats, ART “derives a group key for a set of agents” that's secure even if some members aren't online, and “even after total compromise, an agent can participate in a secure group key exchange.”

The ART scheme sets up conversations using what the paper calls “asymmetric prekeys” (a model created by Moxie Marlinspike for TextSecure) and a one-time asymmetric setup key. The Diffie-Hellman setup key is generated by the creator of a group chat, and is only used during session creation, allowing the group leader to create secret “leaf keys” for other group members while they're offline.

To add PCS to this, Alice needs a way to replace a leaf key if hers is compromised, and other group members need to be able to get the new key.

To get a new leaf key, Alice “computes the new public keys at all nodes along the path from her leaf to the tree root, and broadcasts to the group her public leaf key together with these public keys.”

The protocol then lets other group members compute the updated group key, “again without requiring any two group members to be online at the same time”.
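The leaf-key update described above, as an added example that is not Facebook's published implementation or code from the paper: a toy four-member Diffie-Hellman tree in Python. The group parameters `P` and `G`, the hash-based `iota` mapping and all function names are assumptions for illustration; the tree is built directly from leaf secrets (leaf count a power of two), and the prekey and setup-key steps and message authentication are omitted.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group, assumed for illustration only.
P = 2**255 - 19
G = 2

def pub(sk):
    return pow(G, sk, P)

def iota(elem):
    """Hash a shared DH value into the secret exponent of the parent node."""
    return int.from_bytes(hashlib.sha256(elem.to_bytes(32, "big")).digest(), "big")

def build_publics(leaf_sks):
    """Public keys per tree level (leaves first, root excluded)."""
    level_sk, levels = list(leaf_sks), []
    while len(level_sk) > 1:
        levels.append([pub(sk) for sk in level_sk])
        level_sk = [iota(pow(pub(level_sk[i + 1]), level_sk[i], P))
                    for i in range(0, len(level_sk), 2)]
    return levels

def derive_path(idx, leaf_sk, levels):
    """Walk leaf -> root with one's own leaf secret and the siblings'
    public keys. Returns (group_key, public keys on the path)."""
    sk, path_pubs = leaf_sk, []
    for level in levels:
        path_pubs.append(pub(sk))
        sk = iota(pow(level[idx ^ 1], sk, P))
        idx //= 2
    return sk, path_pubs

def apply_update(levels, idx, path_pubs):
    """Install the broadcast public keys along the sender's path."""
    for depth, pk in enumerate(path_pubs):
        levels[depth][idx >> depth] = pk

def demo():
    sks = [secrets.randbelow(P - 2) + 1 for _ in range(4)]  # constructed leaf keys
    levels = build_publics(sks)
    before = [derive_path(i, sks[i], levels)[0] for i in range(4)]
    stolen = sks[0]                           # Alice's leaf key leaks
    sks[0] = secrets.randbelow(P - 2) + 1     # Alice picks a fresh leaf key
    apply_update(levels, 0, derive_path(0, sks[0], levels)[1])
    after = [derive_path(i, sks[i], levels)[0] for i in range(4)]
    stale = derive_path(0, stolen, levels)[0]  # what the old key still yields
    return before, after, stale
```

In `demo()`, all four members agree on the group key before and after Alice's update, while the leaked leaf key combined with the updated public tree still yields only the old group key.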

The implementation Facebook published is offered under a Creative Commons license. ®

*Bootnote: There's no significance whatever to the IACR paper's filename being "666.pdf", we're sure you'll agree.

Update: Here's one possible reason Facebook got to work on multi-party chat encryption: last July, a group of German researchers published their analysis of WhatsApp, Signal, and Threema group chat security.

This paper, first posted in July 2017, didn't attract media attention at the time. However, its language closely mirrors the problem statement Facebook put forward – including the lack of Future Secrecy when private messaging is used for groups.

The older paper was updated earlier this month to add a reference to the Facebook ART paper.
