Governments hate encrypted chat tools on social media, so brace for outrage in 3 ... 2 ... Facebook has responded to
Governments hate encrypted chat tools on social media, so brace for outrage in 3 … 2 …
Facebook has responded to governments’ criticism of cryptography by giving the world an open source encrypted group chat tool.
It’s hardly likely to endear the ad-farm to people like FBI Director Christopher Wray, who yesterday told an international infosec conference it was âridiculousâ that the Feds have seized nearly 8,000 phones they can’t access. UK prime minister Theresa May has also called for backdoors in messaging services and for social networks to stop offering “safe spaces” for extremists.
Facebook’s latest project, which went live on GitHub yesterday, tackles the problem of protecting group chat. ART, Asynchronous Ratcheting Tree, was created by Facebook’s Jon Millican and Oxford University’s Katriel Cohn-Gordon, Cas Cremers, Luke Garratt and Kevin Milner.
As the group explains in a December paper* [PDF] about ART at the International Association for Cryptologic Research (IACR) pre-press site, existing chat solutions are great between individuals but not so good at protecting group chats.
In group chats, the paper said, âWhatsApp, Facebook Messenger and the Signal app â¦ use a simpler key-transport mechanism (‘sender keys’) which does not achieve PCSâ – that’s post-compromise security â if Alice realises a conversation is compromised, the system has a means re-establish secure communications).
The shortcomings of those apps, the group wrote, means if someone hacks one member of a group, they can âindefinitely and passively read future communications in that group â¦ In practice this means that in these apps, if a third party is added to a two-party communication, the security of the communication is decreased without informing the users.â
To protect group chats, ART âderives a group key for a set of agentsâ that’s secure even if some members aren’t online, and âeven after total compromise, an agent can participate in a secure group key exchange.â
The ART scheme sets up conversations using what the paper calls âasymmetric prekeysâ (a model created by Moxie Marlinspike for TextSecure) and a one-time asymmetric setup key. The Diffie-Hellman setup key is generated by the creator of a group chat, and is only used during session creation, allowing the group leader to create secret âleaf keysâ for other group members while they’re offline.
To add PCS to this, Alice needs a way to replace a leaf key if hers is compromised, and other group members need to be able to get the new key.
To get a new leaf key, Alice âcomputes the new public keys at all nodes along the path from her leaf to the tree root, and broadcasts to the group her public leaf key together with these public keys.â
The protocol then lets other group members compute the updated group key, âagain without requiring any two group members to be online at the same timeâ.
The implementation Facebook published is offered under a Creative Commons license. Â®
*Bootnote: There’s no significance whatever to the IACR paper’s filename being “666.pdf”, we’re sure you’ll agree.