At Open WhisperSystems, we’re working to both advance the state of the art for secure communication and also reduce the friction required for ordinary people to make use of it. We want everyone to have access to advanced secure communication methods that are as easy and reliable to use as making a normal phone call or sending a normal text message.
With these goals in mind, we’ve been working with CyanogenMod over the past few months. CyanogenMod is an open source aftermarket Android firmware distribution with ten million users and ~20k installs a day. Their rapid growth is beginning to rival Microsoft for the third largest smartphone OS distribution.
As of today, the TextSecure protocol will begin shipping as part of the CyanogenMod OS-level SMS provider, in an effort to provide completely transparent end-to-end text message encryption between all of their users.
Integration
We’ve modified the Cyanogen SMS/MMS provider to speak the TextSecure protocol. If an outgoing SMS message is addressed to another CyanogenMod or TextSecure user, it will be transparently encrypted and sent over the data channel as a push message to the receiving device. That device will then decrypt the message and deliver it to the system as a normal incoming SMS.
The result is a system where a CyanogenMod user can choose to use any SMS app they’d like, and their communication with other CyanogenMod or TextSecure users will be transparently encrypted end-to-end over the data channel without requiring them to modify their workflow at all.
Here’s how an encrypted conversation looks:

There’s no visible difference. Nothing at all changes for the user, and the entire process is completely transparent. The user doesn’t have to initiate a key exchange and wait for a round trip to complete, or know that the recipient is “online.” They simply send a message, and it’s sent immediately. Everything works just like the normal asynchronous SMS experience, even if the recipient doesn’t have their device on.
The demo above uses the stock Messaging app, but users could choose to install any other SMS app instead, with the same effect. We will also be adding some minimal visual feedback to the stock CyanogenMod Messaging app to indicate when the user has an expectation of privacy and when they don’t, but the base experience won’t change at all.
Technical users have the option to verify identity keys, and all users are notified if an identity key changes.
Technical Details
This project incorporates all of the TextSecure protocol features. The encryption layer is the TextSecure V2 protocol, which employs the Axolotl ratchet for forward secrecy and the 3DHE agreement for deniable messages.
The TextSecure V2 cryptographic primitives are Curve25519, AES-256, and HmacSHA256.
The transport protocol is the TextSecure Push API, which makes use of a prekey system to obtain forward secrecy in an asynchronous messaging environment.
The client logic is contained in a CyanogenMod system app called WhisperPush, to which the system hands outgoing SMS messages for optional delivery. The Cyanogen team runs their own TextSecure server for WhisperPush clients, which federates with the Open WhisperSystems TextSecure server, so that both clients can exchange messages with each other seamlessly. All of the code involved throughout the entire stack is fully Open Source.
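The sketch below is an added example, not code from this post or from the TextSecure project. It shows how a server-held prekey lets a sender complete a triple Diffie-Hellman agreement over Curve25519 while the recipient is offline. The function names, the order in which the three DH outputs are concatenated (identity x prekey, ephemeral x identity, ephemeral x prekey), and the KDF label are assumptions made for illustration.

```python
import hashlib, hmac, os

P = 2**255 - 19                       # Curve25519 field prime
BASE = (9).to_bytes(32, "little")     # standard base point u = 9

def x25519(k: bytes, u: bytes) -> bytes:  # RFC 7748 ladder; teaching code, not constant-time
    kn = (int.from_bytes(k, "little") & ~7 & ((1 << 254) - 1)) | (1 << 254)
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (kn >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair():
    priv = os.urandom(32)
    return priv, x25519(priv, BASE)

def kdf(secret: bytes) -> bytes:  # one HKDF block over HmacSHA256: a 32-byte, AES-256-sized key
    prk = hmac.new(b"\0" * 32, secret, hashlib.sha256).digest()
    return hmac.new(prk, b"example-3dh\x01", hashlib.sha256).digest()  # constructed label

def sender_agree(id_priv, eph_priv, peer_id_pub, peer_prekey_pub):  # assumed 3DH layout
    return kdf(x25519(id_priv, peer_prekey_pub) + x25519(eph_priv, peer_id_pub)
               + x25519(eph_priv, peer_prekey_pub))

def recipient_agree(id_priv, prekey_priv, peer_id_pub, peer_eph_pub):
    return kdf(x25519(prekey_priv, peer_id_pub) + x25519(id_priv, peer_eph_pub)
               + x25519(prekey_priv, peer_eph_pub))

def demo():
    alice_id, bob_id, alice_eph = keypair(), keypair(), keypair()
    bob_prekeys = [keypair() for _ in range(2)]  # public halves uploaded, Bob goes offline
    server = {"identity": bob_id[1], "prekeys": [pub for _, pub in bob_prekeys]}
    # Alice sends immediately using only what the server holds: no round trip to Bob.
    k_alice = sender_agree(alice_id[0], alice_eph[0], server["identity"], server["prekeys"][0])
    # Later Bob uses Alice's public keys from the message header and his stored prekey 0.
    k_bob = recipient_agree(bob_id[0], bob_prekeys[0][0], alice_id[1], alice_eph[1])
    k_wrong = recipient_agree(bob_id[0], bob_prekeys[1][0], alice_id[1], alice_eph[1])
    return k_alice, k_bob, k_wrong
```

Only the third DH term depends solely on short-lived private keys, so once both sides delete the ephemeral and prekey private halves, a later identity-key compromise does not recover this session key.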
The Future
This effort marks the beginning of our transition to the data channel as a TextSecure transport, which should hopefully open up a host of ongoing opportunities. With the TextSecure iOS client nearing completion and a TextSecure browser extension about to get underway, soon we will have a truly cross-platform, seamless, asynchronous messaging system built on open protocols and open source software, with an already massive user base.
Cyanogen deserves enormous praise for their substantial commitment of time and resources to this development effort. Their genuine resolve to protect their users from large-scale dragnet surveillance is truly remarkable in a world where most companies are instead angling to collect as much information about their users as possible. They’ve set the bar high for themselves, but I think we can expect more great things from them in the future.
Want to help support Open WhisperSystems? The Freedom Of The Press Foundation is accepting tax-deductible donations for us and other important projects in this space.
– Moxie Marlinspike, 09 December 2013