7/10/2023

Bitmessage android app

Hand, generates as little data as technically possible and only stores it as long as absolutely necessary. It’s likely that many messengers are used to systematically collect and analyze their users’ metadata. Combined with data from other platforms, the picture that can be drawn of a person is much more detailed than one that could ever be drawn from message content alone. Protecting content alone is insufficient because metadata makes it possible to uniquely identify individuals, analyze their behavior, determine their circles of friends, detect their frequent locations, and monitor their communication behavior. Serious privacy protection must include both protection of content and protection of metadata. Phone number and/or email address to one’s Threema ID is optional.

All data involved in communication other than the actual content is metadata. Instead of a phone number, the Threema ID (a randomly generated eight-digit string) serves as unique identifier. Threema can be used without providing any personal information whatsoever. For more details and how to activate the feature, please refer to this FAQ entry.

Comprehensive privacy protection requires solid message encryption, but there is more to it. Perfect Forward Secrecy: Threema supports Perfect Forward Secrecy. A 128 bit message authentication code (MAC) is also added to each message to
The stream cipher XSalsa20 is then used to encrypt the message. NIST estimate (page 54), this corresponds at least with the strength provided by 2048 bit RSA.

ECDH on Curve25519 is used in conjunction with a hash function and a random nonce to derive a unique 256 bit
Strength of the encryption: The asymmetric ECC based encryption used by Threema has a strength of 255 bits. This guarantees that no third party – not even the server operators – can decrypt the content of the messages and calls.
on a public wireless network) cannot even learn who is logging in and who is communicating with whom.

All encryption and decryption happens directly on the device, and the user is in control over the key exchange. To ensure that an adversary who captures network packets (e.g.
There are two layers of encryption: The end-to-end layer between the conversation participants, and an additional layer to protect against eavesdropping of the connection between the app and the servers. Since the Threema apps are open source, anyone knowledgeable enough can confirm Threema’s security. Threema uses tried-and-tested asymmetric cryptography to protect messages and calls between sender and recipient (and the communication between the app and the servers). Encryption with a six-digit code inside the app would not be sensible, as brute-force attacks would be trivial (since unlike iOS, an app cannot access special hardware features to protect the key).

For detailed technical information about the cryptography in Threema, read the Cryptography Whitepaper. This feature is intended to keep nosy people from reading your messages when you intentionally give them your phone for a short time for another purpose. Note: The passcode lock that is built into the app itself does not offer any additional encryption. For the highest protection against brute-force attacks, you should choose a longer, alphanumeric passcode. Therefore, even a simple six-digit passcode offers a certain protection. On newer models, iOS also uses hardware features for the encryption. The key used for this encryption is linked to the device’s passcode.

iOS: Threema uses the iOS Data Protection feature to encrypt messages, images, etc.

Note: the PIN lock, which can be enabled independently of the Master Key Passphrase, does not cause any additional encryption; it is simply a UI lock.
If you set a Master Key Passphrase, you will have to enter it after every restart of the device (and after the system has terminated the app due to low memory). Without a passphrase, the encryption will only add obscurity due to the way hardware encryption is handled on Android. The key used for this encryption is generated randomly the first time you start Threema, and can optionally be protected by setting a Master Key Passphrase in the settings, which we highly recommend.

Android: Threema includes its own app-specific encryption based on AES-256 to protect stored messages, media, and your ID’s private key.