Inside the TextSecure, CyanogenMod Integration

Moxie Marlinspike explains how Open WhisperSystems plans to bring end-to-end encrypted secure communications to major platforms such as Android, iOS and popular Web browsers.

Moxie Marlinspike

Moxie Marlinspike

Moxie Marlinspike has published landmark research on SSL vulnerabilities, taken on certificate authorities and even built an alternative to CAs as we know them today called Convergence. But now that government surveillance and online privacy have been elevated to mainstream dinner-table conversations, the researcher has made a significant dent in the problem of bringing secure communication to the masses.

This week’s announcement that Open WhisperSystems’ TextSecure protocol will be integrated into CyanogenMod’s default SMS app means that upwards of 10 million Android users will be able to conduct chats online that are encrypted end-to-end, and theoretically out of reach of snoops and spies.

This has Marlinspike excited, and anxious to bring TextSecure and secure communications to more than just the Android platform; Open WhisperSystems has an iOS client and browser extension on the drawing board.

“As we expand our client base, we’ll be moving to this world where we have truly cross-platform, end to end secure communication with the really massive user base, which is really exciting,” Marlinspike told Threatpost. “This Cyanogen deployment is perhaps the largest deployment of end to end secure messaging ever.”

TextSecure, unlike other secure chat apps such as Silent Text, does not require both ends of the conversation to have an installed client. Nor are the encryption keys securing the chat sessions stored with Open WhisperSystems. That means the organization is not subject to government requests via warrants or National Security Letters for encryption keys or user data.

“That’s definitely happening and an important component of any secure communication system. You want the servers to be completely untrusted,” Marlinspike said. “People get very caught up in where servers are hosted and that really shouldn’t matter. Our position should be that there are really no good governments or safe regions where you can put a server. You have divide servers to be completely untrusted, and you have to have client software that is open source and anyone can verify the security.”

The partnership between the CyanogenMod and Open WhisperSystems began earlier this year when the aftermarket Android firmware provider approached Marlinspike about developing a secure messaging system for their users.

“Our position is one of building a business that is not based on collecting as much information as possible about the user,” Marlinspike said. “Seems like they’re trying to think of ways of improving the user’s default experience with respect to privacy.”

Marlinspike said the native CyanogenMod SMS client was modified to support the TextSecure protocol, and that TextSecure for CyanogenMod runs on the TextSecure V2 protocol and supports forward secrecy and the 3DHE agreement for deniable messages.

“If an outgoing SMS message is addressed to another CyanogenMod or TextSecure user, it will be transparently encrypted and sent over the data channel as a push message to the receiving device. That device will then decrypt the message and deliver it to the system as a normal incoming SMS,” Marlinspike said in the announcement. “The result is a system where a CyanogenMod user can choose to use any SMS app they’d like, and their communication with other CyanogenMod or TextSecure users will be transparently encrypted end-to-end over the data channel without requiring them to modify their work flow at all.”

While the Android rollout is slowly under way, the early feedback is encouraging.

“Mostly, the feedback that we’ve gotten is that it’s too invisible; people can’t even tell that it’s happening. They would like more visual feedback, which is a good problem to have and a good problem to start from. Rather than the opposite which is this is too cumbersome or impossible to use,” Marlinspike said. “Right now people are questioning whether it’s really working. ‘Yes it really is.'”

Visual feedback via some kind of icon or system notification is likely the next priority for the TextSecure-CyanogenMod integration, in particular getting the feedback in whatever form it takes to work with software such as Google Hangouts, for example, that is closed source.

Next off the line could be the iOS client, followed shortly thereafter by a client for Open WhisperSystems’ RedPhone secure voice app and a browser extension that would put Open WhisperSystems on its way to having encrypted cross-platform asynchronous messaging systems anchored by open protocols and open source software.

“We want truly cross-platform support, so that means iOS, Android and something for the desktop,” Marlinspike said. “If you can do something with a browser extension, then that automates a lot of friction for users. You get these messages on your phone and you get them on your desktop which is really an integrated chat experience with whatever device you’re using.”

Suggested articles