Abstract
In a survey of six widely used end-to-end encrypted messaging applications, we consider the post-compromise recovery process from the perspective of what security audit functions, if any, are in place to detect and recover from attacks. Our investigation reveals audit functions vary in the extent to which they rely on the end user. We argue developers should minimize dependence on users and view them as a residual, not primary, risk mitigation strategy. To provide robust communications security, E2EE applications need to avoid protocol designs that dump too much responsibility on naive users and instead make system components play an appropriate role.
J. Blessing and P. D. Chowdhury–These authors contributed equally to this work.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We were unable to make contact with Wickr Me.
References
Ventura, V.: in(Secure) messaging apps - how side-channel attacks can compromise privacy in WhatsApp, Telegram, and Signal. https://blog.talosintelligence.com/2018/12/secureim.html
Akgul, O., Bai, W., Das, S., Mazurek, M.L.: Evaluating \(\{\)In-Workflow\(\}\) messages for improving mental models of \(\{\)End-to-End\(\}\) encryption. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 447–464 (2021)
BBC: Moxie Marlinspike leaves encrypted-messaging app Signal. https://www.bbc.co.uk/news/technology-59937614
Ceci, J., Stegman, J., Khan, H.: No privacy in the electronics repair industry. arXiv preprint arXiv:2211.05824 (2022)
Chowdhury, P.D., Hernández, A.D., Ramokapane, M., Rashid, A.: From utility to capability: a new paradigm to conceptualize and develop inclusive pets. In: New Security Paradigms Workshop. Association for Computing Machinery (ACM) (2022)
Chowdhury, P.D., et al.: Threat models over space and time: a case study of E2EE messaging applications. arXiv preprint arXiv:2301.05653 (2023)
Howell, C., Leavy, T., Alwen, J.: Wickr messaging protocol technical paper. https://wickr.com/wp-content/uploads/2019/12/WhitePaper_WickrMessagingProtocol.pdf
Christianson, Bruce: Auditing against impossible abstractions. In: Christianson, Bruce, Crispo, Bruno, Malcolm, James A.., Roe, Michael (eds.) Security Protocols 1999. LNCS, vol. 1796, pp. 60–64. Springer, Heidelberg (2000). https://doi.org/10.1007/10720107_8
Cremers, C., Fairoze, J., Kiesl, B., Naska, A.: Clone detection in secure messaging: improving post-compromise security in practice. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 1481–1495 (2020)
Cremers, C., Jacomme, C., Naska, A.: Formal analysis of session-handling in secure messaging: lifting security from sessions to conversations. In: Usenix Security (2023)
Element: matrix specification. https://element.io/enterprise/end-to-end-encryption
Hu, H., Wang, G.: \(\{\)End-to-End\(\}\) measurements of email spoofing attacks. In: 27th USENIX Security Symposium (USENIX Security 18), pp. 1095–1112 (2018)
Levy, I., Robinson, C.: Principles for a more informed exceptional access debate. https://www.lawfareblog.com/principles-more-informed-exceptional-access-debate
Albrecht, M.R., Celi, S., Dowling, B., Jones, D.: Practically-exploitable cryptographic vulnerabilities in matrix. https://nebuchadnezzar-megolm.github.io/static/paper.pdf
Matrix: upgrade now to address E2EE vulnerabilities in matrix-JS-SDK, matrix-IOS-SDK and matrix-android-sdk2. https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients
Paterson, K.G., Scarlata, M., Truong, K.T.: Three lessons from threema: analysis of a secure messenger
Renaud, K., Coles-Kemp, L.: Accessible and inclusive cyber security: a nuanced and complex challenge. SN Comput. Sci. 3(5), 1–14 (2022)
Sasse, A.: Scaring and bullying people into security won’t work. IEEE Secur. Priv. 13(3), 80–83 (2015)
Lawlor, S., Lewi, K.: Deploying key transparency at WhatsApp. https://engineering.fb.com/2023/04/13/security/whatsapp-key-transparency/
Signal community forum: vulnerabilities. https://community.signalusers.org/t/vulnerabilities/4548/7
Signal-desktop GitHub: add option to lock the application. https://github.com/signalapp/Signal-Desktop/issues/452#issuecomment-162622211
Signal-Desktop GitHub: all exported data (messages + attachments) are *NOT* encrypted on disk during (and after) the upgrade process! https://github.com/signalapp/Signal-Desktop/issues/2815#issuecomment-433556965
Signal-Desktop GitHub: based upon Kevinsbranch encrypted key in config.json using cryptojs & & start performance fix. https://github.com/signalapp/Signal-Desktop/pull/5465#issuecomment-923300524
Telegram: MTProto Mobile Protocol. https://core.telegram.org/mtproto/description
The Matrix.org Foundation: “Client-Server API (unstable), May 2021”. https://spec.matrix.org/unstable/client-server-api/
Threema: Version history. https://threema.ch/en/versionhistory
UK Parliament: Online Safety Bill. https://bills.parliament.uk/bills/3137
Vasile, Diana A.., Kleppmann, Martin, Thomas, Daniel R.., Beresford, Alastair R..: Ghost trace on the wire? Using key evidence for informed decisions. In: Anderson, Jonathan, Stajano, Frank, Christianson, Bruce, Matyáš, Vashek (eds.) Security Protocols 2019. LNCS, vol. 12287, pp. 245–257. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-57043-9_23
Vaziripour, E., et al.: Is that you, alice? a usability study of the authentication ceremony of secure messaging applications. In: Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), pp. 29–47 (2017)
Viber: Viber Encryption Overview. https://www.viber.com/app/uploads/viber-encryption-overview.pdf
Wu, J., et al.: Something isn’t secure, but i’m not sure how that translates into a problem: promoting autonomy by designing for understanding in signal. In: Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), pp. 137–153 (2019)
Yang, Y., West, J., Thiruvathukal, G.K., Klingensmith, N., Fawaz, K.: Are you really muted?: a privacy analysis of mute buttons in video conferencing apps. Proceed. Priv. Enhan. Technol. 3, 373–393 (2022)
Acknowledgements
– We thank Bruce Christianson for the discussions and feedback reflected in the paper.
– This University of Bristol team is supported by REPHRAIN: National Research centre on Privacy, Harm Reduction and Adversarial Influence online (EPSRC Grant: EP/V011189/1).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Blessing, J., Chowdhury, P.D., Sameen, M., Anderson, R., Gardiner, J., Rashid, A. (2023). Towards Human-Centric Endpoint Security. In: Stajano, F., Matyáš, V., Christianson, B., Anderson, J. (eds) Security Protocols XXVIII. Security Protocols 2023. Lecture Notes in Computer Science, vol 14186. Springer, Cham. https://doi.org/10.1007/978-3-031-43033-6_21
Download citation
DOI: https://doi.org/10.1007/978-3-031-43033-6_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-43032-9
Online ISBN: 978-3-031-43033-6
eBook Packages: Computer ScienceComputer Science (R0)