A team of computer engineers from various European universities has developed a solution to a long-standing end-to-end encryption problem.
As you know, end-to-end encryption in instant messaging is a security system that encrypts the transmitted content so that it can only be queried by the sender and receiver. Many instant messaging applications now use it to protect communications from users, including Telegram, WhatsApp, or Signal.
However, end-to-end encryption can now be broken if the sender or receiver device is infected by malware or controlled by an attacker. In this case, despite the encryption system, the intruder can intercept, read, and alter all communications without the participants in the conversation noticing.
“There are excellent end-to-end encryption services, but by definition they depend on whether the device remains secure,” explains Dr. Jiangshan Yu of the University of Luxembourg. “Once a device has been compromised, we can do little. That’s the problem we wanted to solve.”
The solution that these researchers have found is a protocol that makes the attackers leave evidence of their access, putting the users on alert. It is called DECIM (Detecting Endpoint Compromise in Messaging) and forces the recipient’s device to automatically certify the new key pairs that are requested in the encryption, keeping the certificates in a tamper-proof public book.
Encryption systems use cryptographic key pairs for the sender and the recipient to decrypt them. In case the mobile phone has been hacked, attackers can steal the keys to access messages without being discovered. However, with the new DECIM protocol this action leaves a trail in the public certificate book, alerting those involved in the conversation.
Engineers have verified the protocol’s capabilities and hope that it will help protect private communications.