When addressing messaging security, the current end-to-end encryption presents some issues. If an attacker hacks receiver devices, they can intercept, access and and also alter all communications with senders and receivers not being aware of the attack.

The new solution proposed by researchers and published in IEEE Transactions on Information Forensics and Securit, forces the attacking third parties to leave evidence when undertaking hacking maneuvers, while alerting the users and driving them to take action.

The necessity of developing such technique to increase security and limit damages occurred to Dr. Jiangshan Yu, the University of Luxembourg, Dr. Mark Ryan, the University of Birmingham, and Professor Cas Cremers, the University of Oxford, after they became aware of mass software vulnerabilities, such as the Heartbleed bug, which identifies great risks for devices opening them to external influences and compromises. Dr Yu said, “There are excellent end-to-end encryption services out there, but by definition they rely on your device itself remaining secure; once a device has been compromised there’s little we can do. That’s the problem we wanted to solve”.

End-to-end encryption is widely available in messaging services such as the famous Whatsapp. This technique exploits pairs of cryptographic ‘keys’ that the sender uses to encrypt messages and the receiver uses to decrypt them. Therefore, the hackers that want to intercept messages will need to first hack into the messaging device and steal the cryptographic keys. Then, once the keys are acquired, the attacker can take control of the WIFI device and intercept the messages, being able to impersonate the user thanks to the stolen keys. The way things are now, attackers can only intercept the messages sent through the ‘infected’ network. In fact, if a user swap from WIFI to 4G connection while messaging, the attacker that was, for instance, exploiting the hacked WIFI to intercept messages will be cut out from the conversation and lose track of the keys.

However, attackers may plan to steal information on a long term bases, rather than a one-off occasions, and have the opportunity of doing so. In fact, Internet Service Provider and messaging service operators are in the positions of doing so as all the information pass through their servers. In fact, if they were to obtain users’ keys, they could potentially ‘eavesdrop’ all the conversations without the users never knowing it.

The new technology developed by the scientists, called DECIM (Detecting Endpoint Compromise in Messaging), takes in account these risks. With DECIM, the recipient’s messaging tools automatically certifies new key pairs, storing the certificates in a tamper-resistant public ledger.

The team went though formal security analysis using a test protocol verification tool the ‘Tamarin prover’, which simulates millions of possible attack situation, in order to test DECIM’s effectiveness. The results were interesting and showed improvements, especially considering the several security flaws in messaging protocols.

“There’s no silver bullet in the field of end-to-end encryption,” explained Dr. Yu, “but we hope that our contribution can add an extra layer of security and help to level the playing field between users and attackers.”

Professor Mark Ryan, from the School of Computer Science at the University of Birmingham, added, “Our Security and Privacy group tries to solve problems that are important to society. Given the prevalence of cyber-attacks on phones and laptops, we are proud of this work on detecting when encryption keys have become compromised. Next, we intend to apply for this work on detecting encryption key compromise to applications, for example in blockchain or in Internet-based voting.”

Written by: Pietro Paolo Frigenti

Journal Reference:

Yu, J., Ryan, M., Cremers, C. (2017). DECIM: Detecting Endpoint Compromise In Messaging. IEEE Transactions on Information Forensics and Security, 1 DOI: 10.1109/TIFS.2017.2738609