In the post-Snowden era, everyone wants to make encryption easier. Now, one group of researchers has created a tool intended to make it invisible.
A team from Georgia Tech has designed software that acts as an overlay on Android smartphones' communication apps---like Gmail or Whatsapp---and mimics the apps' user interfaces. When users type, the text is encrypted automatically before being passed on to the application and transmitted over the internet. Likewise, the interface invisibly decrypts text received from other users of the software. The result, as the researchers describe it, is a "transparent window" over apps that prevents unencrypted messages from leaving the user's device, an invisible communications condom for your smartphone's secrets.
"The window acts as a proxy between the user and the app. But the beauty of it is that users feel like they're interacting with the original app without much, if any, change," says Wenke Lee, the Georgia Tech professor who led the developers. "Our goal is to make security that's as easy as air. You just breathe and don't even think about it."
The researchers call their prototype Mimesis Aegis, or M-Aegis, Latin for "mimicry shield." They plan to present their research at the Usenix Security conference this week.
For now, the Georgia Tech team is framing their work as pure academic research. But they also plan to release the software in some form this fall, although it initially will work only with email and chat services like Gmail, Whatsapp, and Facebook. Eventually, they hope to extend the app's abilities to photos and audio, so multiple functions of an Android phone can be effortlessly encrypted within popular apps users already have installed without requiring them to adopt new encryption apps like Textsecure or Silent Circle.
Despite their ambition, M-Aegis prototype is far from a universal smartphone encryption engine: It can only encrypt communications with other M-Aegis users, since both phones must generate encryption keys and exchange them to allow scrambled communications. And the system only works with Android; Apple is more restrictive in controlling how the user interfaces of its iOS apps can be altered.
Aside from those limitations, the researchers claim in their Usenix paper that a lock icon added to encrypted messages will be virtually the only sign that users aren't directly accessing an unaltered app. They tested M-Aegis with real emails---using samples taken from the Enron investigation in the early 2000s---and found it took less than a tenth of a second to decrypt even the longest emails on an LG Nexus 4, and at most around one-fifth of a second to encrypt them. They even were able to replicate the search function of the Android Gmail client, thanks to their own encryption system called "easily-deployable efficiently-searchable symmetric encryption" or EDESE, which allows the search of encrypted files with "negligible" slowdown.
Despite those impressive crypto claims, early users should be wary of the security of M-Aegis's untested prototype. The Georgia Tech researchers say that for now, they don't plan an open source release of the software, which may prevent the security community from identifying flaws in its privacy protections.
Maintaining the software could also turn out to be cumbersome: Given that the program is designed to exactly mimic the apps it's overlaid on, every update to a communications app's interface could require a change to M-Aegis. The researchers won't yet say how they plan to support the app---through their own volunteer labor or by spinning the technology out into a non-profit project or startup. But Lee downplays the difficulty of keeping up with the apps whose communications M-Aegis encrypts. "If an update to an app is just to make it look prettier or move things around, that doesn’t effect us at all," he says.
For now, Lee admits, the process does require a manual process of assessing new apps and updates to maintain M-Aegis's mimicry of the underlying programs. But eventually, he hopes to automate the analysis of new applications so that they can be pulled under M-Aegis's protective shield with minimal human effort. The goal, he says, is a future where privacy-conscious users don't need to give up mainstream cloud-based services. But thanks to invisible encryption strapped onto the apps' surfaces, the apps are nonetheless prevented from ever accessing raw data that could be vulnerable to hackers or intelligence agencies.
"We don't believe that these services actually need to look at users' communications. They're just transporting messages from A to B, and if the user elects, they should be able to make those messages truly private." says Lee. "That's the approach whose potential we're trying to demonstrate."
