A Security and Privacy Audit of KakaoTalk's End-to-End Encryption

No Thumbnail Available

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis
Ask about the availability of the thesis by sending email to the Aalto University Learning Centre oppimiskeskus@aalto.fi

Date

2016-08-24

Department

Major/Subject

Security and Mobile Computing

Mcode

T3011

Degree programme

Master's Degree Programme in Security and Mobile Computing (NordSecMob)

Language

en

Pages

164

Series

Abstract

End-to-end encryption is becoming a standard feature in popular mobile chat applications (apps) with millions of users. In the two years a number of leading chat apps have added end-end encryption features including LINE, KakaoTalk, Viber, Facebook Messenger, and WhatsApp. However, most of these apps are closed-source and there is little to no independent verification of their end-to-end encryption system design. These implementations may be a major concern as proprietary chat apps may make use of non-standard cryptographic algorithms that may not follow cryptography and security best practices. In addition, governments authorities may force chat app providers to add easily decryptable export-grade cryptography to their products. Further, mainstream apps have a large attack surface as they offer a variety of features. As a result, there may be software vulnerabilities that could be exploited by an attacker in order to compromise user's end-to-end privacy. Another problem is that, despite being closed-source software, providers often market their apps as being so secure that even the provider is not able to decrypt messages. These marketing claims may be potentially misleading as most users do not have the technical knowledge to verify them. In this Master's thesis we use KakaoTalk -- the most popular chat app in South Korea -- as a case study to perform a security and privacy assessment and audit of its "Secure Chat" opt-in end-to-end encryption feature. Also, we examine KakaoTalk's Terms of Service policies to verify claims such as "[...] Kakao's server is unable to decrypt the encryption [...]" from a technical perspective. The main goal of this work is to show how various issues in a product can add up to the potential for serious attack vectors against end-to-end privacy despite there being multiple layers of security. In particular, we show how a central public-key directory server makes the end-to-end encryption system vulnerable to well-known operator-site man-in-the-middle attacks. While this naive attack may seem obvious, we argue that (KakaoTalk) users should know about the strength and weaknesses of a particular design in order to make an informed decision whether to trust the security of a chat app or not.

Description

Supervisor

Asokan, N.

Thesis advisor

Deibert, Ronald

Keywords

secure messaging, end-to-end encryption, android security, privacy

Other note

Citation