List of Secure Instant Messengers

From Freiheit statt Angst!

Revision as of 11:30, 18 August 2014 by Wir speichern nicht! (Talk)
(diff) ←Older revision | Current revision (diff) | Newer revision→ (diff)
Jump to: navigation, search

This list describes an overview of Instant Messenger Clients, which are sending the Message encrypted. For that, several criteria are to consider.

Contents

Description

Open Source

Encryption algorithms must be transparent. For that, the open source status of the application is essential. Messengers, which are not revealing the source, must be trusted by the company, offering the messenger. To find flaws and failures in the code, only an audit of a community beeing able to look into the source can check, if the encryption implementation has been done in a proper way. In general it is recommended to not trust closed source encrytion.

Decentral Model

A messenger will fail, if a central server is closed or surveilled. For that decentral server architectures have been developed, either bei a peer-to-peer technology, or by open source chat servers, which can be set up by everyone. An architecture, where all the messages go not through a central server is a big plus in redard for security, because a one-stop-shop for surveillance is not as secure as if a decentral model is choosen.

Symmetric Encryption

Symmetric enrcyption describe a kind of passphrase, only both users know to decrypt the message. It is a hidden secret, only both participants know.

Alternatives in Asymmetric Encryption

Asymmetric encryption means, that both participants have a private and public key. The public key must be exchanged. A mathmatical operation then encrypts the message with the public key of the receiver. Mostly the RSA Algorythm is used here. As it is based on not-solveable complex mathematical operations, the encryption might be regarded as safe. But what happens if the complex problem is soon a simple one? Better to not have only RSA as the only method in this regard, but also here some alternatives: e.g. ElGamal or NTRU. NTRU is regarded as secure even for quantumcomputing.

Keysize

The Keysize describes the lenght of the needed mathematical operation. Simply spoken, the longer the Key, the longer it takes, to try to crack it. Today a key size of 2048 for asymmetric keys is recommended.

Forward Secrecy

Forward Secrecy describes the option to change the encrryption key every session or even instant.

Multiencryption

Multiencryption describes several layers of encryption. E.g. you can add a symmetric encryption within an asymmetric encryption, the ciphertext then is locked once more with an additional password.

Clientside Encryption

The encryption key must be stored on the device of the user, not on a remote server in the web. Also the plaintext should be processed to ciphertext on the device of the user. It must happen in his hand, not on a remote server.

Groupchat and Filetransfer

Some Messengers offer Groupchat and Filetransfer. These features as well should transfer only encrypted bytes.

Key not stuck to IP ?

The Public Key is needed to identify the user. Mostly the own IP address is then related to the own public Key. But, there are messengers, which do not relate the Public Key to the own IP address. This offers more security, as the IP cannot targeted for getting on the remote machine, where e.g. the private key is stored too. In case an attacker knows the IP related to an public key, he can try to get on the remote machine and download and decrypt the private key, which then offers the decryption for all encrypted communication.

Proxy

Proxies and Tor might help to have the own IP not related to the public key.

Chat to Offline Users

Messengers without a central server need special means to be able to message to friends, which are offline. This is mostly done by storing the messages in other online friends. As this is a quite convenient feature, some messengers offer this in an encrypted way too.

Transport protocols

Not all messengers support the most given transportprotocols like TCP, UDP and SCTP.


Chatserver open source

As some Messenger need a central server, the source of this chat server need to be published, to be transparent and auditable as well for this bridge, a message takes. Here as well as for the client the claim should be, that this part of the software should be open source as well.



Table Overview of Secure Messengers

Client Name Open Source License Without Central Server Symmetric Encryption (e.g. AES, DSA) Asym.: RSA Asym.: NTRU Asym.: ElGamal Default Asym. Keysize Max. Asymm. Keysize Forward Secrecy Multi-Encryption Clientside Encryption Encrypted Groupchat Encrypted Filetransfer Public Key not stuck to IP? Proxy /Tor Chat to offliners TCP UDP SCTP Serversoftware open source Website
BitMail [1] BSD yes yes yes no no 2048 8192 yes yes yes yes no yes yes yes yes yes no yes http://bitmail.sf.net
Chadder [2] no no no no no no  ?  ? no no  ? no no no no no yes no no no http://etransfr.com/products.html
Chatsecure GPLv3+ / Apache 2.0 yes no yes no no 1028 1028 yes no yes no no no yes no yes no no yes https://chatsecure.org/
CryptoCat yes no no yes no no 1028 2048 yes no yes no no no yes no yes no no yes https://crypto.cat/
FireFloo [3] BSD yes yes yes no yes 2048 8192 yes yes yes yes yes yes yes yes yes yes yes yes https://firefloo.sf.net
Folpy [4] GPL v3 yes no yes no no 1024 1024 no no yes no yes no no no yes yes no yes https://bitbucket.org/folpy/folpy
GoldBug [5] BSD yes yes yes no yes 2048 8192 yes yes yes yes yes yes yes yes yes yes yes yes https://goldbug.sf.net
Hemlis [6]  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ? http://heml.is
Kontalk [7]  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ? http://kontalk.org
Kik [8] no no no  ? no no  ?  ?  ? no  ? no  ? yes no  ? yes  ? no no http://kik.com
Myenigma [9] no no yes yes no no 2048 2048 yes no yes no no yes  ? yes TCP  ? no no https://www.myenigma.com
RetroShare [10] GPL yes no yes no no 2048  ? no no yes yes yes no no no yes yes no yes https://retroshare.sf.net
SecuXabber GPLv3 yes no yes no no 1024 2048 yes no yes no no no  ? no yes no no yes http://sourceforge.net/projects/secuxabber/
Spot-on [11] BSD yes yes yes no yes 2048 8192 yes yes yes yes yes yes yes yes yes yes yes yes https://spot-on.sf.net
SureSpot [12] GPLv3 yes no yes no no 1024 2048 yes no yes no no no  ? no yes no no yes https://www.surespot.me
Telegram [13] no yes no yes no no 1024 2048 yes no yes no no no  ? no yes no no yes https://www.telegram.org
TextSecure GPLv3 yes no yes no no 2048 2048 yes no yes no no no  ? no yes no no yes https://github.com/WhisperSystems/TextSecure/
Threema Public Domain (encryption library only) no no yes no no 2048 2048 transport layer yes yes yes no yes no yes yes no no no https://threema.ch
Waste GPL yes no yes no no 1024 1024 no no yes no yes no no no yes no no yes https://waste.sf.net
WhistleIM no no no yes no no  ?  ? no no no no no no no no yes no no no https://whistle.im
Bleep no no no yes no no  ?  ? no no no no no no no no yes no no no https://bleep.bittorrent.com
SimsMe no no no yes no no  ?  ? no no no no no no no no yes no no no https://sims.me
Personal tools
Toolbox
  • What links here
  • Related changes
  • Upload file
  • Special pages
  • Printable version