Group Instant Messaging: Why Blaming Developers Is Not Fair But Enhancing The Protocols Would Be Appropriate

After presenting our work at Real World Crypto 2018 [1] and seeing the enormous press coverage, we want to get two things straight: 1. Most described weaknesses are only exploitable by the malicious server or by knowing a large secret number and thereby the protocols are still very secure (what we wrote in the paper but some newspapers did not adopt) and 2. we see ways to enhance the WhatsApp protocol without breaking its features.


We are of course very happy that our research reached so many people and even though IT security and cryptography are often hard to understand for outsiders, Andy Greenberg [2], Patrick Beuth [3] and other journalists [4,5,6,7,8] wrote articles that were understandable on the one hand and very accurate and precise on the other hand. In contrast to this, we also saw some inaccurate articles [9,10] that fanned fear and greatly diverged in their description from what we wrote in our paper. We expected this from the boulevard press in Germany and therefore asked them to stick to the facts when they were contacting us. But none of the worst two articles' [9,10] authors contacted us in advance. Since our aim was never to blame any application or protocol but rather we wanted to encourage the developers to enhance the protocols, it contradicts our aim that WhatsApp and Signal are partially declared attackable by "anyone" "easily" [9,10].

Against this background, we understand Moxie's vexation about certain headlines that were on the Internet in the last days [11]. However, we believe that the ones who understand the weaknesses, comprehend that only the malicious server can detectably make use of them (in WhatsApp) or the secret group ID needs to be obtained from a member (in Signal). As such, we want to make clear that our paper does not primarily focus on the description of weaknesses but presents a new approach for analyzing and evaluating the security of group instant messaging protocols. Further we propose measures to enhance the analyzed protocols. The description of the protocols' weaknesses is only one part of the evaluation of our analysis approach and thereby of the investigation of real world protocols. This is the scientific contribution of our paper. The practical contribution of the analyzed messengers, which is the communication confidentiality for billion users (in most cases), is great and should be noted. Therefore we believe that being Signal, WhatsApp, or Threema by applying encryption to all messages and consequently risking research with negative results is much better than being a messenger that does not encrypt group messages end-to-end at all. We do not want to blame messengers that are far less secure (read Moxie's post [11] if you are interested).

Finally we want note that applying security measures according to the ticket approach (as we call it in the paper [12]) to the invitation links would solve the issues that Facebook's security head mentioned in his reply [13] on our findings. To our knowledge, adding authenticity to group update messages would not affect invitation links: If no invitation link was generated for a group, group members should only accept joining users if they were added by an authentic group update message. As soon as a group invitation link was generated, all joining users would need to be accepted as new group members with the current design. However there are plenty ways how WhatsApp could use invitation links without endowing the server with the power to manage groups without the group admins' permission:
One approach would be generating the invitation links secretly and sharing them without the knowledge of the server. An invitation link could then contain a secret ticket for the group and the ID of the group. As soon as a user, who received the link, wants to join the group, she can request the server with the group ID to obtain all current group members. The secret ticket can now be sent to all existing group members encrypted such that the legitimate join can be verified.

Of course this would require engineering but the capability of WhatsApp, shipping drastic protocol updates, can be assumed since they applied end-to-end encryption in the first place.

[1] https://www.youtube.com/watch?v=i5i38WlHfds
[2] https://www.wired.com/story/whatsapp-security-flaws-encryption-group-chats/
[3] http://www.spiegel.de/netzwelt/apps/whatsapp-gruppenchats-schwachstelle-im-verschluesselungs-protokoll-a-1187338.html
[4] http://www.sueddeutsche.de/digital/it-sicherheit-wie-fremde-sich-in-whatsapp-gruppenchats-einladen-koennen-1.3821656
[5] https://techcrunch.com/2018/01/10/security-researchers-flag-invite-bug-in-whatsapp-group-chats/
[6] http://www.telegraph.co.uk/technology/2018/01/10/whatsapp-bug-raises-questions-group-message-privacy/
[7] http://www.handelsblatt.com/technik/it-internet/verschluesselung-umgangen-forscher-finden-sicherheitsluecke-bei-whatsapp/20836518.html
[8] https://www.heise.de/security/meldung/WhatsApp-und-Signal-Forscher-beschreiben-Schwaechen-verschluesselter-Gruppenchats-3942046.html
[9] https://www.theinquirer.net/inquirer/news/3024215/whatsapp-bug-lets-anyone-easily-infiltrate-private-group-chats
[10] http://www.dailymail.co.uk/sciencetech/article-5257713/WhatsApp-security-flaw-lets-spy-private-chats.html
[11] https://news.ycombinator.com/item?id=16117487
[12] https://eprint.iacr.org/2017/713.pdf
[13] https://twitter.com/alexstamos/status/951169036947107840

Further articles:
- Matthew Green's blog post: https://blog.cryptographyengineering.com/2018/01/10/attack-of-the-week-group-messaging-in-whatsapp-and-signal/
- Schneier on Security: https://www.schneier.com/blog/archives/2018/01/whatsapp_vulner.html
- Bild: http://www.bild.de/digital/smartphone-und-tablet/whatsapp/whatsapp-sicherheitsluecke-in-gruppenchats-54452080.bild.html
- Sun: https://www.thesun.co.uk/tech/5316110/new-whatsapp-bug-how-to-stay-safe/

Related news


  1. Nsa Hack Tools
  2. Kik Hack Tools
  3. Hacker Tool Kit
  4. Pentest Tools Online
  5. Pentest Tools Nmap
  6. Pentest Tools Windows
  7. Ethical Hacker Tools
  8. Hack Rom Tools
  9. Hacker Tools Linux
  10. Hacking Tools
  11. Bluetooth Hacking Tools Kali
  12. Termux Hacking Tools 2019
  13. How To Make Hacking Tools
  14. Hack Tools For Windows
  15. Easy Hack Tools
  16. Android Hack Tools Github
  17. Best Pentesting Tools 2018
  18. Hacking Tools 2019
  19. Pentest Box Tools Download
  20. Hack Tools Download
  21. Hacking Tools For Windows 7
  22. Hack Apps
  23. Wifi Hacker Tools For Windows
  24. Hacker Tools 2019
  25. Best Hacking Tools 2019
  26. How To Install Pentest Tools In Ubuntu
  27. Hack Tools Online
  28. New Hack Tools
  29. Hacker Techniques Tools And Incident Handling
  30. Hack Tools For Ubuntu
  31. Pentest Tools Free
  32. Pentest Tools List
  33. Android Hack Tools Github
  34. Hacker Tools Free
  35. Hack Tools
  36. Nsa Hack Tools
  37. Hak5 Tools
  38. Hacking Apps
  39. Android Hack Tools Github
  40. Hack Tools For Pc
  41. Hack Tool Apk
  42. Pentest Tools Framework
  43. Hacking Tools
  44. Kik Hack Tools
  45. Hacking Tools 2020
  46. Pentest Tools Android
  47. Hacking Tools Download
  48. Hacker Tools 2019
  49. New Hacker Tools
  50. How To Hack
  51. Hacker Tools Windows
  52. Pentest Tools For Ubuntu
  53. Hacker Tools Free
  54. Free Pentest Tools For Windows
  55. Pentest Tools Nmap
  56. Pentest Tools Online
  57. Hacking Tools Download
  58. Nsa Hacker Tools
  59. Pentest Tools Bluekeep
  60. Hack Tools For Pc
  61. Hacker Tools Linux
  62. Best Hacking Tools 2020
  63. Pentest Tools Framework
  64. Hacker Hardware Tools
  65. Hack Tool Apk
  66. Pentest Recon Tools
  67. Pentest Tools For Mac
  68. Growth Hacker Tools
  69. Hacking Tools Name
  70. Usb Pentest Tools
  71. Hacking Tools Download
  72. Bluetooth Hacking Tools Kali
  73. Pentest Tools Port Scanner
  74. Pentest Tools Website
  75. Pentest Tools Framework
  76. Tools Used For Hacking
  77. Hacking Tools Windows 10
  78. Android Hack Tools Github
  79. Hack And Tools
  80. Computer Hacker
  81. Android Hack Tools Github
  82. Pentest Tools Download
  83. Hack Tools 2019
  84. Hacking Tools Pc
  85. Blackhat Hacker Tools
  86. Pentest Tools Website Vulnerability
  87. Hacking Tools For Windows
  88. Pentest Tools Port Scanner
  89. Hacker
  90. Hacking Tools 2020
  91. Game Hacking
  92. Kik Hack Tools
  93. Hacking Tools Kit
  94. Hacking Tools For Kali Linux
  95. Pentest Tools Windows
  96. Pentest Tools Windows
  97. Hacking Tools
  98. Hacking Tools Windows
  99. Pentest Tools Bluekeep
  100. Hack App
  101. Pentest Tools Android
  102. Hacking App
  103. Pentest Automation Tools
  104. Pentest Tools Alternative
  105. Hackrf Tools
  106. What Is Hacking Tools
  107. Hacking Tools For Windows 7
  108. Hacking Tools For Windows 7
  109. Hacker Tool Kit
  110. Free Pentest Tools For Windows
  111. Pentest Tools Windows
  112. Hacks And Tools
  113. Best Hacking Tools 2020
  114. Pentest Tools Download
  115. Kik Hack Tools
  116. Hacker Tool Kit
  117. Best Hacking Tools 2020
  118. Pentest Tools For Windows
  119. Pentest Tools Website
  120. Hack Tools Github
  121. Pentest Tools Apk
  122. Hacking Tools Usb
  123. Free Pentest Tools For Windows
  124. How To Make Hacking Tools
  125. Hacker Tool Kit
  126. Hack Tools
  127. Hacking Apps
  128. Hack Tools For Pc
  129. Hacker
  130. Hack Tool Apk
  131. Hacker Tools Linux
  132. Hacking Tools
  133. Wifi Hacker Tools For Windows
  134. Tools For Hacker
  135. Pentest Tools Bluekeep
  136. Hackrf Tools
  137. How To Hack
  138. Hacker Tools Software
  139. Pentest Tools Nmap
  140. Hacking Tools Software
  141. Hack Tools Mac
Posted by

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)