Motivation
Are You Concerned That The People You Talk With Is Not The One You Want To
Are You Afraid Of Your Sensitive Information Being Leaked Out
Are You Worried About Some Organizations Spying On You All The Time
Evaluation Criteria • Supported input types • Supported message and file sizes • Support for broadcasting messages to multiple users
• Ease of use
• Implementation of secure communication protocol
• Methods for generation, exchange and storage of encryption keys
Messaging Service Comparison
Criteria SMS WhatsApp iMessage Supported input Texts Texts, images,
voice, video Texts, documents,
images, videos Support
broadcasting Yes Yes Yes
File sizes Up to 160 letters Unlimited Unlimited Cost Pay per message $0.99 annual fee Free
Ease of use All plat-forms Symbian, Android, iOS,
windows, BlackBerry
iOS5 or later
How SMS works? • In GSM Network:
• GSM Network: ü Standards governed by the European Telecommunication Standards Institute(ETSI) ü Comprised of three subsystems: Mobile Station, Base Station Subsystem, Network Subsystem
Security Flaws of SMS
• SMS messages are stored unencrypted at the SMSC ü Employees of SMSC operators ü Others who can hack into SMSC
• Encryption flaws of GSM network
GSM Security Features(Confidentiality) Data confidentiality is achieved through A8(key generation) and A5(encryption)
GSM Network Vulnerabilities • Codes for A3,A5 and A8 were leaked or crypto-analyzed • Most GSM providers use the COMP128 algorithm to implement A3
and A8
Generated by HLR
Input for A5 Present in SIM
card
Ki is encrypted by DES and then sent to HLR; HLR uses the same key codes for decryption and stores Ki.
Examples of Attacks on SMS
• April 13, 1998: Marc Briceno (Director of the Smartcard Developer Association and two U.C.Berkeley researchers-David Wagner and Ian Goldberg The 128bit Ki could be deduced by collecting around 150,000 chosen RAND-SRES pairs.
Developments of A5 • A5 is a stream cipher protecting SMS transmission
ü A5/0: no encryption ü A5/1: original algorithm used in Europe ü A5/2: weaker encryption, used outside Europe ü A5/3: strong , created for 3G systems
Although A5/3 is strong, but lack of network authentication makes MITM attack possible.
WhatsApp Flaws • SSLv2 Protocol Support (Before 02/21/2014) Ø No protection for the handshake Ø Weak MAC construction Ø Same keys for authentication and encryption
• Vulnerable to Man-In-The-Middle attack
How does SSL /TLS work? • Handshake phase(From TechNet by Microsoft)
• Data exchange phase
Server Hello
Client Hello
iMessage encryption algorithm RSA(1280-bit) used to encrypt iMessages ECDSA(256-bit)used to generate and verify the signature of messages Step 1 Alice gets Bob’s public key from Apple Sever. Step 2 Alice encrypt M with Bob’s RSA public key and sign with her ECDSA private key Step 3 Bob receive the message, verify the signature with Alice’s Public key and decrypt C with his Private key. Advantage: end to end encryption Limitation: Apple has full control of public key
Results of Comparison Criteria SMS WhatsApp iMessage
Supported input Texts Texts, images, voice, video
Texts, documents, images, videos
File sizes Up to 160 letters Unlimited Unlimited
Cost Pay per message $0.99 annual fee Free
Ease of use All plat-forms Symbian, Android, iOS, windows,
BlackBerry
iOS5 or later
Secured Protocol for key exchange
No SSLv2(Before) TLS(Current)
TLS
Encryption Algorithm A3, A5, A8 RC4 RSA, ECDSA
Key Storage SIM WhatsApp servers and user’s phone
PU: Apple Server PR: iOS device
Key Generation 128-bit Random Key 128-bit individual Subscribe key
160-bit Random Key 1280-bit RSA key 256-bit ECDSA key
Conclusion Secured communication needs end-to-end
encryption • SMS: No.
• Whatsapp: Wait for a response. Weakest encryption among the three. However, after joining Facebook, it works on end-to-end encryption.
• iMessage: Yes. Strong encryption. Assumed as the safest one.