TextSecure was an encrypted messaging application for Android that was developed from 2010 to 2015. It was a predecessor to Signal and the first application to use the Signal Protocol , which has since been implemented into WhatsApp and other applications. TextSecure used end-to-end encryption to secure the transmission of text messages, group messages, attachments and media messages to other TextSecure users.
48-515: TextSecure was first developed by Whisper Systems , who were later acqui-hired by Twitter . The application's source code was then released under a free and open-source software license. In 2013, TextSecure's development was picked up by an independent group called Open Whisper Systems , who merged it with an encrypted voice calling application called RedPhone and renamed the product as Signal. TextSecure started as an application for sending and receiving encrypted SMS messages. Its beta version
96-459: A Wi-Fi access point hosting a network without encryption could insert themselves as a man in the middle. As it aims to circumvent mutual authentication, a MITM attack can succeed only when the attacker impersonates each endpoint sufficiently well to satisfy their expectations. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, TLS can authenticate one or both parties using
144-445: A man-in-the-middle ( MITM ) attack , or on-path attack , is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, where in actuality the attacker has inserted themselves between the two user parties. One example of a MITM attack is active eavesdropping , in which the attacker makes independent connections with
192-552: A blog post in which they said that they had audited several of the projects supported by the Open Technology Fund over the past year, including TextSecure. In October 2014, researchers from Ruhr University Bochum published an analysis of the TextSecure encryption protocol. Among other findings, they presented an unknown key-share attack on the protocol, but in general, they found that the encrypted chat client
240-655: A certain amount of time to perform a particular transaction. If one transaction, however, were to take an abnormal length of time to reach the other party, this could be indicative of a third party's presence interfering with the connection and inserting additional latency in the transaction. Quantum cryptography , in theory, provides tamper-evidence for transactions through the no-cloning theorem . Protocols based on quantum cryptography typically authenticate part or all of their classical communication with an unconditionally secure authentication scheme. As an example Wegman-Carter authentication . Captured network traffic from what
288-462: A collaborative Open Source project for the continued development of TextSecure and RedPhone. Open Whisper Systems consisted of a large community of volunteer Open Source contributors, as well as a small team of dedicated grant-funded developers. In November 2015, Open Whisper Systems merged TextSecure with RedPhone and renamed it as Signal . In 2018, Signal Messenger was incorporated as an LLC by Moxie Marlinspike and Brian Acton and then rolled under
336-435: A firewall and tools for encrypting other forms of data. On November 28, 2011, Whisper Systems announced that it had been acquired by Twitter . The financial terms of the deal were not disclosed by either company. The acquisition was done "primarily so that Mr. Marlinspike could help the then-startup improve its security". Shortly after the acquisition, Whisper Systems' RedPhone service was made unavailable. Some criticized
384-501: A given message has come from a legitimate source. Tamper detection merely shows evidence that a message may have been altered and has broken integrity. All cryptographic systems that are secure against MITM attacks provide some method of authentication for messages. Most require an exchange of information (such as public keys) in addition to the message over a secure channel . Such protocols, often using key-agreement protocols , have been developed with different security requirements for
432-417: A human in the loop in order to successfully initiate the transaction. HTTP Public Key Pinning (HPKP), sometimes called "certificate pinning", helps prevent a MITM attack in which the certificate authority itself is compromised, by having the server provide a list of "pinned" public key hashes during the first transaction. Subsequent transactions then require one or more of the keys in the list must be used by
480-418: A mutually trusted certificate authority . Suppose Alice wishes to communicate with Bob . Meanwhile, Mallory wishes to intercept the conversation to eavesdrop (breaking confidentiality) with the option to deliver a false message to Bob under the guise of Alice (breaking non-repudiation). Mallory would perform a man-in-the-middle attack as described in the following sequence of events. This example shows
528-507: A phone number for verification. The number did not have to be the same as on the device's SIM card; it could also be a VoIP number or a landline as long as the user could receive the verification code and have a separate device to set-up the software. A number could only be registered to one device at a time. The official TextSecure client required Google Play Services because the app was dependent on Google's GCM push messaging framework. From February 2014 to March 2015, TextSecure used GCM as
SECTION 10
#1732790516660576-473: A security breach of the Dutch certificate authority DigiNotar resulted in the fraudulent issuing of certificates . Subsequently, the fraudulent certificates were used to perform MITM attacks. In 2013, Nokia 's Xpress Browser was revealed to be decrypting HTTPS traffic on Nokia's proxy servers , giving the company clear text access to its customers' encrypted browser traffic. Nokia responded by saying that
624-442: A time period after which the application "forgot" the passphrase, providing an additional protection mechanism in case the phone was lost or stolen. TextSecure had a built-in function for verifying that the user was communicating with the right person and that no man-in-the-middle attack had occurred. This verification could be done by comparing key fingerprints (in the form of QR codes ) in person. The application would also notify
672-404: A wide selection of emoticons over a data connection (e.g. Wi-Fi , 3G or 4G ) to other TextSecure users with smartphones running Android. TextSecure also allowed users to exchange unencrypted SMS and MMS messages with people who did not have TextSecure. Messages sent with TextSecure to other TextSecure users were automatically end-to-end encrypted, which meant that they could only be read by
720-554: Is suspected to be an attack can be analyzed in order to determine whether there was an attack and, if so, determine the source of the attack. Important evidence to analyze when performing network forensics on a suspected attack includes: A Stingray phone tracker is a cellular phone surveillance device that mimics a wireless carrier cell tower in order to force all nearby mobile phones and other cellular data devices to connect to it. The tracker relays all communications back and forth between cellular phones and cell towers. In 2011,
768-507: Is to only authenticate the server, which means mutual authentication is not always employed and MITM attacks can still occur. Attestments, such as verbal communications of a shared value (as in ZRTP ), or recorded attestments such as audio/visual recordings of a public key hash are used to ward off MITM attacks, as visual media is much more difficult and time-consuming to imitate than simple data packet communication. However, these methods require
816-643: The Electronic Frontier Foundation (EFF) included TextSecure in their updated Surveillance Self-Defense guide. In November 2014, TextSecure received a perfect score on the EFF's Secure Messaging Scorecard. TextSecure received points for having communications encrypted in transit, having communications encrypted with keys the providers don't have access to ( end-to-end encryption ), making it possible for users to independently verify their correspondent's identities, having past communications secure if
864-609: The Knight Foundation , the Shuttleworth Foundation , and the Open Technology Fund , a U.S. government funded program that has also supported other privacy projects like the anonymity software Tor and the encrypted instant messaging app Cryptocat . Whisper Systems Whisper Systems was an American enterprise mobile security company that was co-founded by security researcher Moxie Marlinspike and roboticist Stuart Anderson in 2010. The company
912-442: The content was not stored permanently, and that the company had organizational and technical measures to prevent access to private information. In 2017, Equifax withdrew its mobile phone apps following concern about MITM vulnerabilities. Bluetooth , a wireless communication protocol, has also been susceptible to man-in-the-middle attacks due to its wireless transmission of data. Other notable real-life implementations include
960-650: The conversations of "more than a billion people worldwide". The protocol combines the Double Ratchet Algorithm , prekeys, and a 3-DH handshake. It uses Curve25519 , AES-256 , and HMAC-SHA256 as primitives . The protocol provides confidentiality, integrity, authentication, participant consistency, destination validation, forward secrecy , backward secrecy (aka future secrecy), causality preservation, message unlinkability, message repudiation, participation repudiation, and asynchronicity . It does not provide anonymity preservation, and requires servers for
1008-538: The data channel. Reasons for this included: Open Whisper Systems' abandonment of SMS/MMS encryption prompted some users to create a fork named Silence (initially called SMSSecure) that is meant solely for the encryption of SMS and MMS messages. In November 2015, the RedPhone application was merged into TextSecure and it was renamed as Signal for Android . TextSecure allowed users to send encrypted text messages, audio messages, photos, videos, contact information, and
SECTION 20
#17327905166601056-502: The deal were not disclosed by either company. The acquisition was done "primarily so that Mr. Marlinspike could help the then-startup improve its security". Shortly after the acquisition, Whisper Systems' RedPhone service was made unavailable. Some criticized the removal, arguing that the software was "specifically targeted [to help] people under repressive regimes" and that it left people like the Egyptians in "a dangerous position" during
1104-571: The events of the 2011 Egyptian revolution . Twitter released TextSecure as free and open-source software under the GPLv3 license in December 2011. RedPhone was also released under the same license in July 2012. Marlinspike later left Twitter and founded Open Whisper Systems as a collaborative Open Source project for the continued development of TextSecure and RedPhone. Open Whisper Systems' website
1152-568: The independent non-profit Signal Technology Foundation . Today, the Signal app is developed by Signal Messenger LLC, which is funded by the Signal Foundation. The foundation has stated publicly that they are not tied to any major technology companies and "can never be acquired by one either." Whisper Systems' products were all made for Android and included: Man-in-the-middle attack In cryptography and computer security ,
1200-690: The initial release of Signal as a RedPhone counterpart for iOS. The developers said that their next steps would be to provide TextSecure instant messaging capabilities for iOS, unify the RedPhone and TextSecure applications on Android, and launch a web client. Signal was the first iOS app to enable easy, strongly encrypted voice calls for free. TextSecure compatibility was added to the iOS application in March 2015. Later that month, Open Whisper Systems ended support for sending and receiving encrypted SMS/MMS messages on Android. From version 2.7.0 onward, TextSecure only supported sending and receiving encrypted messages via
1248-403: The intended recipients. The keys that were used to encrypt the user's messages were stored on the device alone. In the user interface, encrypted messages were denoted by a lock icon. TextSecure allowed the user to set a passphrase that encrypted the local message database and the user's encryption keys. This did not encrypt the user's contact database or message timestamps. The user could define
1296-405: The keys are stolen ( forward secrecy ), having their code open to independent review ( open-source ), having their security designs well-documented, and having recent independent security audits. At the time, " ChatSecure + Orbot ", Cryptocat , "Signal / RedPhone", Pidgin (with OTR ), Silent Phone , Silent Text , and Telegram 's optional secret chats also received seven out of seven points on
1344-414: The need for Alice and Bob to have a means to ensure that they are truly each using each other's public keys, and not the public key of an attacker. Otherwise, such attacks are generally possible, in principle, against any message sent using public-key technology. MITM attacks can be prevented or detected by two means: authentication and tamper detection. Authentication provides some degree of certainty that
1392-510: The relaying of messages and storing of public key material. The group chat protocol is a combination of a pairwise double ratchet and multicast encryption . In addition to the properties provided by the one-to-one protocol, the group chat protocol provides speaker consistency, out-of-order resilience, dropped message resilience, computational equality, trust equality, subgroup messaging, as well as contractible and expandable membership. All client-server communications were protected by TLS . Once
1440-480: The removal, arguing that the software was "specifically targeted [to help] people under repressive regimes" and that it left people like the Egyptians in "a dangerous position" during the events of the 2011 Egyptian revolution . Twitter released TextSecure as free and open-source software under the GPLv3 license in December 2011. RedPhone was also released under the same license in July 2012. Marlinspike later left Twitter and founded Open Whisper Systems as
1488-404: The same encryption properties pairwise TextSecure chats provided. The servers did not have access to group metadata such as lists of group members, the group title, or the group avatar icon. The application could also function as a drop-in replacement for Android's native messaging application as it could fall back to sending unencrypted SMS and MMS messages. TextSecure required that the user had
TextSecure - Misplaced Pages Continue
1536-553: The scorecard. TextSecure was developed by a nonprofit software group called Open Whisper Systems. The group is funded by a combination of donations and grants , and all of its products are published as free and open-source software . As of October 2016, the project has received an unknown amount of donations from individual sponsors via the Freedom of the Press Foundation . Open Whisper Systems has received grants from
1584-458: The secure channel, though some have attempted to remove the requirement for any secure channel at all. A public key infrastructure , such as Transport Layer Security , may harden Transmission Control Protocol against MITM attacks. In such structures, clients and servers exchange certificates which are issued and verified by a trusted third party called a certificate authority (CA). If the original key to authenticate this CA has not been itself
1632-562: The server in order to authenticate that transaction. DNSSEC extends the DNS protocol to use signatures to authenticate DNS records, preventing simple MITM attacks from directing a client to a malicious IP address . Latency examination can potentially detect the attack in certain situations, such as with long calculations that lead into tens of seconds like hash functions . To detect potential attacks, parties check for discrepancies in response times. For example: Say that two parties normally take
1680-428: The server removed this layer of encryption, each message contained either the phone number of the sender or the receiver in plaintext. This metadata could in theory have allowed the creation of "a detailed overview on when and with whom users communicated". Open Whisper Systems asserted that their servers did not keep this metadata. In order to determine which contacts were also TextSecure users, cryptographic hashes of
1728-485: The subject of a MITM attack, then the certificates issued by the CA may be used to authenticate the messages sent by the owner of that certificate. Use of mutual authentication , in which both the server and the client validate the other's communication, covers both ends of a MITM attack. If the server or client's identity is not verified or deemed as invalid, the session will end. However, the default behavior of most connections
1776-553: The transport for message delivery over the data channel. From March 2015 forward, TextSecure's message delivery was done by Open Whisper Systems themselves and the client relied on GCM only for a wakeup event. TextSecure was the first application to use the Signal Protocol (then called the TextSecure Protocol), which has since been implemented into WhatsApp , Facebook Messenger , and Google Allo , encrypting
1824-416: The user if the correspondent's key fingerprint had changed. TextSecure allowed users to chat with more than one person at a time. Group chats were automatically end-to-end encrypted and held over an available data connection if all participants were registered TextSecure users. Users could create groups with a title and avatar icon, add their friends, join or leave groups, and exchange messages/media, all with
1872-606: The user's contact numbers were periodically transmitted to the server. The server then checked to see if those matched any of the SHA256 hashes of registered users and told the client if any matches were found. Moxie Marlinspike wrote that it is easy to calculate a map of all possible hash inputs to hash outputs and reverse the mapping because of the limited preimage space (the set of all possible hash inputs) of phone numbers, and that "practical privacy preserving contact discovery remains an unsolved problem". The group messaging mechanism
1920-421: The victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. In this scenario, the attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. This is straightforward in many circumstances; for example, an attacker within range of
1968-796: Was acquired by Twitter in November 2011. Some of the company's software products were released under open-source licenses after the acquisition. An independent group called Open Whisper Systems later picked up the development of this open-source software, which led to the creation of the Signal Technology Foundation . Security researcher Moxie Marlinspike and roboticist Stuart Anderson co-founded Whisper Systems in 2010. The company produced proprietary enterprise mobile security software. Among these were an encrypted texting program called TextSecure and an encrypted voice calling app called RedPhone . They also developed
TextSecure - Misplaced Pages Continue
2016-844: Was announced that the messaging protocol that was used by TextSecure had successfully been integrated into the Android-based open-source operating system CyanogenMod . From CyanogenMod 11.0 onward, the client logic was contained in a system app called WhisperPush. According to Open Whisper Systems, the Cyanogen team ran their own TextSecure server for WhisperPush clients, which federated with Open Whisper Systems' TextSecure server, so that both clients could exchange messages with each-other seamlessly. The CyanogenMod team discontinued WhisperPush in February 2016, and recommended that its users switch to Signal. The complete source code of TextSecure
2064-459: Was available on GitHub under a free software license . The software that handled message routing for the TextSecure data channel was also open source. TextSecure was officially distributed only through Google Play . In October 2015, TextSecure had been installed over 1 000 000 times through Google Play. TextSecure was briefly included in the F-Droid software repository in 2012, but
2112-420: Was designed so that the servers did not have access to the membership list, group title, or group icon. Instead, the creation, updating, joining, and leaving of groups was done by the clients, which delivered pairwise messages to the participants in the same way that one-to-one messages were delivered. The server architecture was partially decentralized between December 2013 and February 2016. In December 2013, it
2160-523: Was first launched on May 25, 2010, by Whisper Systems , a startup company co-founded by security researcher Moxie Marlinspike and roboticist Stuart Anderson. In addition to launching TextSecure, Whisper Systems produced a firewall, tools for encrypting other forms of data, and RedPhone , an application that provided encrypted voice calls. All of these were proprietary enterprise mobile security software. In November 2011, Whisper Systems announced that it had been acquired by Twitter . The financial terms of
2208-522: Was launched in January 2013. Open Whisper Systems started working to bring TextSecure to iOS in March 2013. In February 2014, Open Whisper Systems introduced the second version of their TextSecure Protocol (now Signal Protocol ), which added group chat and push messaging capabilities to TextSecure. Toward the end of July 2014, Open Whisper Systems announced plans to unify its RedPhone and TextSecure applications as Signal . This announcement coincided with
2256-482: Was removed at the developer's request because it was an unverified build and exceptionally out of date. Open Whisper Systems have subsequently said that they will not support their applications being distributed through F-Droid because it does not provide timely software updates, relies on a centralized trust model and necessitates allowing the installation of apps from unknown sources which harms Android's security for average users. In October 2013, iSEC Partners published
2304-551: Was secure. Former NSA contractor Edward Snowden endorsed TextSecure on multiple occasions. In his keynote speech at SXSW in March 2014, he praised TextSecure for its ease-of-use. During an interview with The New Yorker in October 2014, he recommended using "anything from Moxie Marlinspike and Open Whisper Systems". Asked about encrypted messaging apps during a Reddit AMA in May 2015, he recommended TextSecure. In October 2014,
#659340