\u5e26\u7740\u8fd9\u4e9b\u76ee\u6807\uff0c\u6211\u4eec\u5728\u8fc7\u53bb\u51e0\u4e2a\u6708\u91cc\u4e0eCyanogenMod\u56e2\u961f\u4e00\u8d77\u5408\u4f5c\u3002CM\u662f\u4e00\u5bb6\u5f00\u6e90\u7684Android\u7cfb\u7edf\u56fa\u4ef6\u5f00\u53d1\u5546\uff0c\u76ee\u524d\u5df2\u6709\u5343\u4e07\u7ea7\u7684\u7528\u6237\uff0c\u4e14\u6bcf\u5929\u90fd\u6709\u7ea62\u4e07\u65b0\u589e\u5b89\u88c5\u7528\u6237\u3002CM\u7684\u5feb\u901f\u6210\u957f\uff0c\u90fd\u5df2\u7ecf\u5feb\u8d76\u4e0a\u5fae\u8f6f\u8fd9\u4e2a\u7b2c3\u5927\u667a\u80fd\u7cfb\u7edf\u5f00\u53d1\u5546\u4e86\u3002<\/p>\n
As of today, the TextSecure protocol will begin shipping as part of the CyanogenMod OS-level SMS provider, in an effort to provide completely transparent end-to-end text message encryption between all of their users.<\/p>\n
\u4eca\u5929\uff0cTextSecure\u534f\u8bae\u5c06\u4f5c\u4e3aCM\u7cfb\u7edf\u7ea7SMS\u5e94\u7528\u7684\u4e00\u90e8\u5206\uff0c\u5411\u6240\u6709CM\u7528\u6237\u63d0\u4f9b\u5b8c\u5168\u900f\u660e\u7684\uff0c\u7aef\u5230\u7aef\u7684SMS\u4fe1\u606f\u52a0\u5bc6\u3002<\/p>\n
<\/p>\n
Integration<\/h2>\n
We\u2019ve modified the Cyanogen SMS\/MMS provider to speak the\u00a0TextSecure<\/a>\u00a0protocol. If an outgoing SMS message is addressed to another CyanogenMod or TextSecure user, it will be transparently encrypted and sent over the data channel as a push message to the receiving device. That device will then decrypt the message and deliver it to the system as a normal incoming SMS.<\/p>\n The result is a system where a CyanogenMod user can choose to use any SMS app they\u2019d like, and their communication with other CyanogenMod or TextSecure users will be transparently encrypted end-to-end over the data channel without requiring them to modify their work flow at all.<\/p>\n Here\u2019s how an encrypted conversation looks:<\/p>\n There\u2019s no visible difference. Nothing at all changes for the user, and the entire process is completely transparent. The user doesn\u2019t have to initiate a key exchange and wait for a round trip to complete, or know that the recipient is \u201conline.\u201d They simply send a message, and it\u2019s sent immediately. Everything works just like the normal asynchronous SMS experience, even if the recipient doesn\u2019t have their device on.<\/p>\n The demo above uses the stock Messaging app, but users could choose to install any other SMS app instead, with the same effect. We will also be adding some minimal visual feedback to the stock CyanogenMod Messaging app to indicate when the user has an expectation of privacy and when they don\u2019t, but the base experience won\u2019t change at all.<\/p>\n Technical users have the option to verify identity keys, and all users are notified if an identity key changes.<\/p>\n This project incorporates all of the TextSecure protocol features. The encryption layer is the\u00a0TextSecure V2<\/a>\u00a0protocol, which employs the\u00a0Axolotl forward secrecy ratchet<\/a>\u00a0for forward secrecy and the\u00a03DHE agreement<\/a>\u00a0for deniable messages.<\/p>\n The TextSecure V2 cryptographic primitives are Curve25519, AES-256, and HmacSHA256.<\/p>\n The transport protocol is the\u00a0TextSecure Push API<\/a>, which makes use of a\u00a0prekey system<\/a>\u00a0to obtain forward secrecy in an asynchronous messaging environment.<\/p>\n The client logic is contained in a CyanogenMod system app called\u00a0WhisperPush<\/a>, which the system hands outgoing SMS messages to for optional delivery. The Cyanogen team runs their own TextSecure server for WhisperPush clients, which federates with the Open WhisperSystems\u00a0TextSecure server<\/a>, so that both clients can exchange messages with each-other seamlessly. All of the code involved throughout the entire stack is fully Open Source.<\/p>\n This effort marks the beginning of our transition to the data channel as a TextSecure transport, which should hopefully open up a host of ongoing opportunities. With the\u00a0TextSecure iOS client<\/a>\u00a0nearing completion and a TextSecure browser extension about to get underway, soon we will have a truly cross platform seamless asynchronous messaging system built on open protocols and open source software, with an already massive user base.<\/p>\n Cyanogen deserves enormous praise for their substantial commitment of time and resources to this development effort. Their genuine resolve to protect their users from large-scale dragnet surveillance is truly remarkable in a world where most companies are instead angling to collect as much information about their users as possible. They\u2019ve set the bar high for themselves, but I think we can expect more great things from them in the future.<\/p>\n Want to help support Open WhisperSystems? The Freedom Of The Press Foundation is\u00a0accepting tax-deductable donations<\/a>\u00a0for us and other important projects in this space.<\/p>\n \u2013\u00a0Moxie Marlinspike<\/a>, 09 December 2013<\/p>\n","protected":false},"excerpt":{"rendered":"![\"\"](\"https:\/\/whispersystems.org\/blog\/images\/cyanogenmod-screenshot.png\")
<\/p>\nTechnical Details<\/h2>\n
The Future<\/h2>\n