Study: Computer scientists closing the messaging privacy gap

28 Sep 2017

A breakthrough in encryption. Image: Paul Maguire/Shutterstock

Computer science researchers find a way to solve a big problem in the end-to-end encryption field.

End-to-end encryption technologies are becoming more widespread as messaging app users become more aware of the potential for surveillance that some applications carry, and the need to protect their privacy.

Facebook Messenger, WhatsApp and Signal all use the feature, ensuring that only the sender and recipient can read a message on a platform.

Pairs of cryptographic ‘keys’ are used so the sender can encrypt a message and the recipient can decrypt and read it.

It’s a brilliant idea, but currently attackers can still compromise a device and potentially intercept, read and control future communications while the user is none the wiser.

Attackers could still hack into your device using a man-in-the-middle (MITM) attack, for example by taking control of your Wi-Fi router to intercept your messages and steal your messaging keys. Current encryption protocols, such as the Signal protocol used by WhatsApp, take advantage of the fact that an MITM attacker can only intercept messages sent via the compromised network.

For example, as soon as you send a message via 3G rather than the compromised Wi-Fi, the attacker will no longer be able to act as an intermediary. They will lose track of the keys and be locked out of the conversation.

The details of a new protocol called Detecting Endpoint Compromise In Messaging (DECIM) have been published in IEEE Transactions on Information Forensics and Security.

It forces attackers to leave evidence of malicious activity and alerts the user to take action following a compromise.

It also addresses what to do in the event of an attacker being in a position to intercept all of your messages on an ongoing basis. Both the internet service provider and the messaging service operator are in such a position, as all of your messages pass through their servers. If hackers obtained your keys by either of these means, they would never be locked out of a conversation and you would never know.

Privacy and peace of mind

Dr Jiangshan Yu at University of Luxembourg, Prof Mark Ryan at University of Birmingham and Prof Cas Cremers at University of Oxford were motivated by the discovery of mass software vulnerabilities, such as the Heartbleed bug, which make the majority of devices vulnerable to compromise.

Dr Yu explained: “There are excellent end-to-end encryption services out there but, by definition, they rely on your device itself remaining secure; once a device has been compromised, there’s little we can do. That’s the problem we wanted to solve.”

DECIM works by automatically certifying new key pairs, storing their certificates in a tamper-resistant public ledger. DECIM has been analysed using a symbolic protocol verification tool called the Tamarin prover, which runs millions of possible attack scenarios.

Addressing the prevalence of cyberattacks

If an attacker wanted to impersonate you to send a message, they would need to add a forged key certificate in the ledger. However, DECIM automatically generates cryptographic proof and verification, so your device will detect the fake certificate and let you know quickly.
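The two mechanisms described above, certifying each new key pair in a tamper-resistant public ledger and having the device detect a forged certificate under its own identity, can be illustrated with a small simulation. The following is an added example written for this page; it is not DECIM's own code and does not reproduce the real protocol. It assumes a simplified model: certificates are plain records rather than signed objects, public keys are stand-in random bytes, the ledger is a hash chain so that any edit to a past entry is detectable, and the device's audit simply compares the ledger against its own local record of the certificates it issued. All class and function names are hypothetical.

```python
import hashlib
import os
from dataclasses import dataclass


def fingerprint(public_key: bytes) -> str:
    """Short identifier for a public key (stand-in for a real key fingerprint)."""
    return hashlib.sha256(public_key).hexdigest()[:16]


@dataclass(frozen=True)
class KeyCertificate:
    """Simplified certificate binding an identity to a key; real certificates are signed."""
    identity: str
    key_fingerprint: str
    sequence: int

    def serialize(self) -> bytes:
        return f"{self.identity}|{self.key_fingerprint}|{self.sequence}".encode()


@dataclass
class LedgerEntry:
    cert: KeyCertificate
    prev_hash: str
    entry_hash: str


class PublicLedger:
    """Append-only, hash-chained log: a stand-in for a tamper-resistant public ledger."""

    GENESIS = "0" * 64

    def __init__(self) -> None:
        self.entries: list[LedgerEntry] = []

    def append(self, cert: KeyCertificate) -> LedgerEntry:
        prev = self.entries[-1].entry_hash if self.entries else self.GENESIS
        entry_hash = hashlib.sha256(prev.encode() + cert.serialize()).hexdigest()
        entry = LedgerEntry(cert, prev, entry_hash)
        self.entries.append(entry)
        return entry

    def verify_chain(self) -> bool:
        """Recompute every link; any modified or reordered entry breaks the chain."""
        prev = self.GENESIS
        for entry in self.entries:
            expected = hashlib.sha256(prev.encode() + entry.cert.serialize()).hexdigest()
            if entry.prev_hash != prev or entry.entry_hash != expected:
                return False
            prev = entry.entry_hash
        return True


class Device:
    """A user's device: issues its own key certificates and audits the ledger for forgeries."""

    def __init__(self, identity: str, ledger: PublicLedger) -> None:
        self.identity = identity
        self.ledger = ledger
        self.issued: list[KeyCertificate] = []  # local record of certificates this device created

    def rotate_key(self) -> KeyCertificate:
        public_key = os.urandom(32)  # stand-in for a freshly generated public key
        cert = KeyCertificate(self.identity, fingerprint(public_key), len(self.issued))
        self.issued.append(cert)
        self.ledger.append(cert)
        return cert

    def audit(self) -> list[KeyCertificate]:
        """Return ledger certificates for this identity that the device never issued."""
        mine = set(self.issued)
        return [e.cert for e in self.ledger.entries
                if e.cert.identity == self.identity and e.cert not in mine]


def run_scenario() -> dict:
    """Constructed scenario: honest rotations, then a forged certificate, then ledger tampering."""
    ledger = PublicLedger()
    alice = Device("alice", ledger)  # hypothetical user
    alice.rotate_key()
    alice.rotate_key()
    clean_audit = alice.audit()  # nothing unexpected yet

    # An impersonator must place a certificate under alice's name in the ledger.
    forged = KeyCertificate("alice", fingerprint(os.urandom(32)), 2)
    ledger.append(forged)
    detected = alice.audit()  # the forged certificate is visible to alice's device
    chain_ok_before = ledger.verify_chain()

    # Silently rewriting history instead of appending breaks the hash chain.
    first = ledger.entries[0]
    ledger.entries[0] = LedgerEntry(forged, first.prev_hash, first.entry_hash)
    chain_ok_after = ledger.verify_chain()

    return {
        "clean_audit": len(clean_audit),
        "forged_detected": len(detected),
        "chain_ok_before_tamper": chain_ok_before,
        "chain_ok_after_tamper": chain_ok_after,
    }


if __name__ == "__main__":
    print(run_scenario())
```

The point the simulation makes is that the attacker cannot impersonate the user without leaving an entry in the ledger, and the user's own device is the one party that knows which certificates it legitimately issued, so it can flag the extra one. The hash chain separately shows why the ledger must be append-only: an attacker who could edit earlier entries would otherwise erase the evidence.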

Prof Ryan said: “Our security and privacy group tries to solve problems that are important to society. Given the prevalence of cyberattacks on phones and laptops, we are proud of this work on detecting when encryption keys have become compromised. Next, we intend to apply this work on detecting encryption key compromise to applications, for example, in blockchain or in internet-based voting.”

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects