In this first post of the series explaining how Talaria keeps your chat private, I want to give a very quick overview of how it works. It’s fairly technical in places, but if you want to understand any of the building blocks in more detail, leave questions in the comments. We’ll start with the overview and post the actual messages exchanged by the system once we’ve covered the high-level picture.
Talaria keeps your messages private by first creating a public/private key pair. You give the public half to us, so that we can hand it to your friends when they want to start a private channel with you. After creating the key pair you create another key, a secret key, which you also share with us. This one is used to protect the messages sent between you and us, the chat server.
You give us a bundle of information: your phone number, your public key and the secret key you generated. Using our public key (which ships with the app when you download it) you wrap all of this up (number, public key, secret key and id) and send it to us. We now have your public key, a secret key to talk to you with and your phone number. The next step is important. We don’t simply publish to the world that your public key corresponds to that phone number. Instead, we generate two numbers, encrypt them using your secret key and send them back to you via text message. The application decrypts this text message, takes out the two numbers, adds them together and sends the result back to us over the internet. We verify that response and, if we’re happy, we record your public key as being linked to that phone number (a phone number that your friends already have in the address book on their phones).
So what have we got now? You’ve got a public/private key pair, we’ve got a shared secret key, and we have a strongly authenticated binding between your phone number and your public key. Which is all well and good: now we can exchange messages that nobody else can read or impersonate.
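As an added illustration (this is not Talaria’s code, and the post does not say which cipher or number sizes it uses), here is the SMS challenge step described above in Go, assuming AES-GCM under the shared secret key, two 32-bit challenge numbers, and a server-side pending record that keeps the expected sum until the answer comes back over the internet:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"io"
)

// gcmFor wraps the 16/24/32-byte shared secret in AES-GCM (the cipher is this example's assumption).
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewChallenge (server side): encrypt two random numbers under the shared secret; returns the SMS payload (nonce||ct||tag) and the expected sum kept with the pending record.
func NewChallenge(secretKey []byte) (sms []byte, expected uint64, err error) {
	aead, err := gcmFor(secretKey)
	if err != nil {
		return nil, 0, err
	}
	buf := make([]byte, aead.NonceSize()+8) // random nonce followed by the two 32-bit numbers
	if _, err := io.ReadFull(rand.Reader, buf); err != nil {
		return nil, 0, err
	}
	nonce, pt := buf[:aead.NonceSize()], append([]byte(nil), buf[aead.NonceSize():]...)
	a, b := binary.BigEndian.Uint32(pt[:4]), binary.BigEndian.Uint32(pt[4:])
	return aead.Seal(nonce, nonce, pt, nil), uint64(a) + uint64(b), nil
}

// AnswerChallenge (client side): open the SMS with the shared secret and return a+b; without the key the tag check fails.
func AnswerChallenge(secretKey, sms []byte) (uint64, error) {
	aead, err := gcmFor(secretKey)
	if err != nil {
		return 0, err
	}
	if n := aead.NonceSize(); len(sms) >= n {
		if pt, err := aead.Open(nil, sms[:n], sms[n:], nil); err == nil && len(pt) == 8 {
			return uint64(binary.BigEndian.Uint32(pt[:4])) + uint64(binary.BigEndian.Uint32(pt[4:])), nil
		}
	}
	return 0, errors.New("challenge did not decrypt under this secret key")
}
// BindIfCorrect (server side): record the phone number against the public key only when the answer matches.
func BindIfCorrect(expected, answer uint64) bool { return expected == answer }
```

The point of the round trip is that holding the SMS alone is not enough: the answer can only be produced by someone who also holds the secret key sent in the registration bundle.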
A quick note about using SMS. Some of you will be thinking that SMS is the sort of thing that can be manipulated by unscrupulous actors, and that someone with access to the telecoms infrastructure could impersonate you, receive the verifier and go through this whole process pretending to be you. This is true the first time, but we’ve got some faith in human nature here and, critically, we have a number of ways to enable this to be detected, in that people quickly work out that they’re in fact not talking to the person they think they are. We’ll discuss in some detail the possible scenarios and how we enable people to detect compromises in the system. Once you’re set up on the system, of course, any change to the public key that’s been published is detected by both parties. As part of the startup process the app asks the system which public key it is publishing for it, and checks that this matches its own. It’s also double checked during the login phase, which we’ll describe later.

We also support ‘usernames’. But what happens if you lose your key, if you don’t back it up somehow or otherwise protect it? We’ve come up with a way to back up keys on paper, or on Mifare cards for those with NFC readers on their phones, but that starts to get a bit user-unfriendly and we expect the majority of people won’t make good use of it.
Still no private chat channel though? We’ll cover that in the next post.