The Snowden Phone: A Comparative Survey of Secure Instant Messaging Mobile Applications

TL;DR

This paper surveys and compares various secure instant messaging apps implementing end-to-end encryption, analyzing their security and usability, and proposing improvements based on experimental results.

Contribution

It provides a comprehensive comparison of existing secure messaging apps, highlighting their security and usability variations, and suggests enhancements for better privacy and user experience.

Findings

Applications vary in security and usability properties

None of the apps are completely infallible

Proposals for improving security, privacy, and usability

Abstract

In recent years, it has come to attention that governments have been doing mass surveillance of personal communications without the consent of the citizens. As a consequence of these revelations, developers have begun releasing new protocols for end-to-end encrypted conversations, extending and making popular the old Off-the-Record protocol. Several new implementations of such end-to-end encrypted messaging protocols have appeared, and commonly used chat applications have been updated with these implementations as well. In this survey, we compare the existing implementations, where most of them implement one of the recent and popular protocols called Signal. We conduct a series of experiments on these implementations to identify which types of security and usability properties each application provides. The results of the experiments demonstrate that the applications have variations of usability and security properties, and none of them are infallible. Finally, the paper gives proposals for improving each application w.r.t. security, privacy, and usability.