A Security and Privacy Audit of KakaoTalk's End-to-End Encryption
No Thumbnail Available
URL
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu |
Master's thesis
Ask about the availability of the thesis by sending email to the Aalto University Learning Centre oppimiskeskus@aalto.fi
Authors
Date
2016-08-24
Department
Major/Subject
Security and Mobile Computing
Mcode
T3011
Degree programme
Master's Degree Programme in Security and Mobile Computing (NordSecMob)
Language
en
Pages
164
Series
Abstract
End-to-end encryption is becoming a standard feature in popular mobile chat applications (apps) with millions of users. In the two years a number of leading chat apps have added end-end encryption features including LINE, KakaoTalk, Viber, Facebook Messenger, and WhatsApp. However, most of these apps are closed-source and there is little to no independent verification of their end-to-end encryption system design. These implementations may be a major concern as proprietary chat apps may make use of non-standard cryptographic algorithms that may not follow cryptography and security best practices. In addition, governments authorities may force chat app providers to add easily decryptable export-grade cryptography to their products. Further, mainstream apps have a large attack surface as they offer a variety of features. As a result, there may be software vulnerabilities that could be exploited by an attacker in order to compromise user's end-to-end privacy. Another problem is that, despite being closed-source software, providers often market their apps as being so secure that even the provider is not able to decrypt messages. These marketing claims may be potentially misleading as most users do not have the technical knowledge to verify them. In this Master's thesis we use KakaoTalk -- the most popular chat app in South Korea -- as a case study to perform a security and privacy assessment and audit of its "Secure Chat" opt-in end-to-end encryption feature. Also, we examine KakaoTalk's Terms of Service policies to verify claims such as "[...] Kakao's server is unable to decrypt the encryption [...]" from a technical perspective. The main goal of this work is to show how various issues in a product can add up to the potential for serious attack vectors against end-to-end privacy despite there being multiple layers of security. In particular, we show how a central public-key directory server makes the end-to-end encryption system vulnerable to well-known operator-site man-in-the-middle attacks. While this naive attack may seem obvious, we argue that (KakaoTalk) users should know about the strength and weaknesses of a particular design in order to make an informed decision whether to trust the security of a chat app or not.Description
Supervisor
Asokan, N.Thesis advisor
Deibert, RonaldKeywords
secure messaging, end-to-end encryption, android security, privacy