Affiliation:
1. Department of Informatics, University of Oslo, P.O. Box 1080 Blindern, 0316 Oslo, Norway
2. Department of Technology Systems, University of Oslo, Postboks 70, 2027 Kjeller, Norway
Abstract
In recent years, it has come to attention that governments have been doing mass surveillance of personal communications without the consent of the citizens. As a consequence of these revelations, developers have begun releasing new protocols for end-to-end encrypted conversations, extending and making popular the old Off-the-Record protocol. New implementations of such end-to-end encrypted messaging protocols have appeared, and several popular chat applications have been updated to use such protocols. In this survey, we compare six existing applications for end-to-end encrypted instant messaging, namely, Signal, WhatsApp, Wire, Viber, Riot, and Telegram, most of them implementing one of the recent and popular protocols called Signal. We conduct five types of experiments on each of the six applications using the same hardware setup. During these experiments, we test 21 security and usability properties specially relevant for applications (not protocols). The results of our experiments demonstrate that the applications vary in terms of the usability and security properties they provide, and none of them are perfect. In consequence, we make 12 recommendations for improvement of either security, privacy, or usability, suitable for one or more of the tested applications.
Subject
Computer Networks and Communications,Information Systems
Reference55 articles.
1. AulonM.A comparison of secure messaging protocols and implementations2017Oslo, NorwayDepartment of Informatics at the Faculty of Mathematics and Natural Sciences of the University of Oslo2017Master’s thesis
2. SoK: secure messaging;N. Unger
3. How secure is TextSecure?;F. Tilman
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献