Archive for December, 2011


TextSecure 201

This post is about Whisper SystemsTextSecure app for Android (currently version 0.5.7, available through the market). It’s an encrypted SMS client that supports both local encrypted storage and over-the-wire encryption of messages. Wire encryption is done using a modified version of Off-The-Record (OTR) messaging, in use by Pidgin and Adium chat clients.

This post assumes some knowledge of OTR, and will go through how to take advantage of TextSecure’s security features. While some of these instructions are available through TextSecure’s wiki, I found them to be terse and not quite usable as-is for everyone.

After installing TextSecure, you’ll be prompted to enter a password. This password is used to encrypt your local message database and your keys. It will then generate your keys.

To see your public key, you can go to Settings->View My Identity Key. If you have your address book synchronized with Gmail or Google Apps, highly recommend you create an address book entry for yourself, and go to Settings->Choose Identity, then Settings->Export My Identity Key. This creates an entry in your address book with your public key. The entry is an IM-type entry with key TextSecure-IdentityKey and the value is the base64’d (public) identity key.

For normal operation, you can text as normal. It’s a regular SMS app. However, if your SMS buddy also has TextSecure, this the app will detect it and ask if you’d like to initiate a key exchange. After a successful key exchange, you should see a red lock at the top of your chat window, and a lock beside each sent & received SMS message. This is the equivalent of OTR’s “Unverified” status. It means that the current chat is encrypted, but we’re not sure if there is someone doing a Man-in-the-Middle attack or not.

TextSecure offers a few ways to handle key verification. The simplest is to, from the chat window, select Menu->Secure Session Options->Verify Recipient Identity. This is useful if you have the other person’s identity key in text format. If you are in person, there’s a slightly cooler way to verify: both parties should click Compare, with one of them picking Get My Key Scanned and the other picking Scan their key to compare. This will allow you to scan QR codes to verify. After verification, switch roles so the other person verifies too.

There’s another way to verify identity keys, but it’s slightly more complicated. You’ll recall how we exported our public key into our address book. We can also import from the address book. Go into Google Contacts and find your entry; it should have an entry titled TextSecure-IdentityKey. Copy the base64 text, and send that to the other person through a secure channel: OTR-encrypted chat or PGP-signed mail are good examples of this. Now, taking the other person’s base64’d key, go to their entry in your address book. Click the Add button, and select Instant Messaging. With that new field, pull it down so the left-hand side says Custom, and type in TextSecure-IdentityKey. The right-hand side should be the base64’d text they sent you. Now that you have their key, go back into TextSecure. Go to Settings->Import Contact’s Key and find their address book entry. You’ll be prompted to verify, so compare these numbers against what you’ve got in the message screen. This may seem like a long-way around just to verify, but may be very useful if you use an app such as Bump to transfer address book entries to other people. If someone has given you a base64’d key, and you’re having difficulty importing into the address book, you can manually verify this by issuing a simple *nix command:

echo '<base64 string>' | base64 -d | xxd
echo '<base64 string>' | base64 -d | hexdump -C

(One of my systems had hexdump and not xxd for some reason)

No matter how you verify, you should see a blue lock at the top of the messaging screen when you have a verified key for that person. This is equivalent to Pidgin-OTR’s “Private” designation.

A note for those with multiple devices. You probably don’t want to have multiple identity keys floating around, it gets annoying for verification. My suggestion is to select one of your devices that you want to copy the key from, and use TextSecure’s Export To SD Card feature. Now, on the second (or additional) device, you can copy the exported directory to that device’s sd card, and select Import From SD Card. This will wipe any TextSecure settings on the second device, but will import your private keys, your SMS messages, and your friends’ identity keys. Once these two devices are running, I recommend using the address book for tracking identity keys, so they can be easily imported into both devices.

Finally, a note to my fellow Canadians: Bell Mobility mangles multi-part SMS messages, resulting in broken key exchange messages. TextSecure *will not work* on Bell Mobility.