Most messaging apps are advertised as secure. The Electronic Frontier Foundation (EFF), a nonprofit digital-rights organization dedicated to “defending civil liberties in the digital world”, decided to verify those claims and has recently published its findings in the form of the Secure Messaging Scorecard.
According to the EFF:
“In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer ‘secure messaging’ products — but are these systems actually secure? We decided to find out, in the first phase of a new EFF Campaign for Secure & Usable Crypto.”
The EFF tested 38 applications including chat clients, text messaging apps, email applications, and video calling technologies, using the following criteria:
- Are communications encrypted in transit?
All user communications should be encrypted along all the links in the communication path.
- Are communications encrypted with a key so that the provider does not have access?
All user communications should implement end-to-end encryption. This means the keys necessary to decrypt messages should be generated and stored at the endpoints (i.e. by users, not by servers).
- Can the contact’s identity be independently verified?
There should be a built-in method for users to verify the identity of the correspondents they are speaking with and the integrity of the channel, even if the service provider or other third parties are compromised.
- Are past communications secure if user keys are stolen?
All communications should be encrypted with short-lived keys that are routinely deleted (along with the random values used to derive them), so that theft of a user’s current keys does not expose earlier messages; and if users choose to delete their local copies of correspondence, they should be permanently deleted.
- Is the code open to independent review?
Source code which could affect the communication and encryption performed by the client should be made available for review in order to detect bugs, back doors, and structural problems.
- Is the security design well-documented?
Clear and detailed explanations of the cryptography used by the application should be provided.
- Has there been any recent code audit?
There should have been a security review by a named auditing party, independent of the tool’s main development team, within the 12 months prior to evaluation.
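The fourth criterion (past communications staying secure if a user’s keys are stolen) is the property usually called forward secrecy. The following Python example, added here as an illustration and not code from the EFF or from any application on the scorecard, shows the simplest mechanism that provides it: a symmetric hash ratchet in which each message key is derived from a chain key that is then replaced, so the old chain key is never kept. The `kdf`, `keystream_xor` and `Ratchet` names, the shared secret from `os.urandom`, and the toy HMAC-based stream cipher standing in for a real authenticated cipher are all assumptions made for the example.

```python
import hmac
import hashlib
import os

# Added illustration of a symmetric hash ratchet; not code from any scorecard app.


def kdf(chain_key: bytes, label: bytes) -> bytes:
    """One-way derivation step: HMAC-SHA256 keyed with the current chain key.
    Given the output, the input chain key cannot be recovered."""
    return hmac.new(chain_key, label, hashlib.sha256).digest()


def keystream_xor(message_key: bytes, data: bytes) -> bytes:
    """Toy, unauthenticated stream cipher: XOR data with an HMAC-derived keystream.
    Stands in for a real AEAD so the example runs with the standard library only."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(message_key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Ratchet:
    """Holds only the current chain key. Each step derives a fresh message key and
    replaces the chain key, so earlier message keys are no longer derivable."""

    def __init__(self, shared_secret: bytes):
        self.chain_key = shared_secret

    def step(self) -> bytes:
        message_key = kdf(self.chain_key, b"message")
        self.chain_key = kdf(self.chain_key, b"chain")  # old chain key discarded
        return message_key

    def encrypt(self, plaintext: bytes) -> bytes:
        return keystream_xor(self.step(), plaintext)

    def decrypt(self, ciphertext: bytes) -> bytes:
        return keystream_xor(self.step(), ciphertext)


def forward_secrecy_demo() -> dict:
    # Constructed sample: both parties start from the same shared secret. In a real
    # protocol this comes from an authenticated key exchange, not from os.urandom().
    shared = os.urandom(32)
    alice, bob = Ratchet(shared), Ratchet(shared)

    past = [b"first message", b"second message", b"third message"]
    ciphertexts = [alice.encrypt(m) for m in past]
    honest_ok = all(bob.decrypt(c) == m for c, m in zip(ciphertexts, past))

    # Compromise: the attacker copies Alice's current chain key after three messages.
    stolen_chain_key = alice.chain_key
    attacker = Ratchet(stolen_chain_key)

    # Past traffic: the only message key derivable from the stolen state is the
    # *next* one; trying it against every stored ciphertext recovers nothing.
    next_key = kdf(stolen_chain_key, b"message")
    past_recovered = any(keystream_xor(next_key, c) == m for c, m in zip(ciphertexts, past))

    # Future traffic: the stolen state does yield the next message key, so a pure
    # hash ratchet gives forward secrecy but no post-compromise ("future") secrecy.
    fourth = alice.encrypt(b"fourth message")
    future_recovered = attacker.decrypt(fourth) == b"fourth message"

    return {
        "honest_parties_decrypt": honest_ok,
        "past_recovered": past_recovered,
        "future_recovered": future_recovered,
    }


if __name__ == "__main__":
    print(forward_secrecy_demo())
```

Two caveats a practitioner should keep in mind. First, overwriting a Python attribute does not guarantee the old key is gone from memory; real implementations zero key buffers and, as the criterion also asks, the random values used to derive them. Second, the example only shows the "past" half of the property: once the chain key is stolen, every later message key follows from it. Deployed protocols such as OTR and Signal's double ratchet therefore combine a hash ratchet like this one with a Diffie-Hellman ratchet that periodically mixes in fresh key-exchange material, so that a compromise also stops revealing future traffic after the next exchange.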
This Secure Messaging Scorecard represents only the first phase of the EFF’s Campaign for Secure & Usable Crypto. Later phases will examine the usability and security of the highest-scoring tools more closely. As such, the results in the scorecard should not be read as endorsements of individual tools or guarantees of their security; they are merely indications that the projects are on the right track.
The full scorecard can be found on the EFF’s website: https://www.eff.org/secure-messaging-scorecard