Category Archives: smartphone

Keeping it private – part 2


So in the last post we described the setup of the app and how it starts off on its journey to build a private channel.  To quickly recap, the phone now has a public/private keypair, a secret key that you’ve exchanged with the system and the system has got your public key and knows it’s from you, which gets stored in our directory ready to give it to anybody else who asks.

The next step is to build a private, encrypted channel between you and your friend.  The first step is to get their public key, so the app asks us, what the registered public key is for your friend[1].  We give that to you using the private channel between you and the system and we sign that response, so you know the public key comes from us not to mention coming back over our shared secret channel[2].

You then generate a channel name (a friendly name, usually the persons name), channel id and a new secret key, the app bundles this up in much the same way as it did when it started to talk to the server.  The bundle of data, including your public key is encrypted using your newly generated secret key and then your secret key gets encrypted with your friends public key.  You also sign this entire packet.  The phone then sends that to us.  We do a few things to just double check that this message is from you.  Firstly it has to come over our shared secret channel which we know is from you and secondly the digital signature on the channel message (which we’ll forward on) has to be signed by you[3]. If that’s ok, we send it on to your friend.

When your friend gets your message, the first thing they do, is get your public key from the server.  They then check the signature on the negotiation message to make sure that it really has come from you.  If it isn’t, the throw it away.  They then decrypt the first part of the message using their private key.  In this part is the secret key that you are going to use to chat with each other.  They then send an acknowledgement message to you, encrypting that message with their secret key, signing it with their private key[4] accepting the channel.

So what have you got now?  You have now exchanged a secret key with your friend that we the system haven’t seen, in a way that makes your sure that you’ve exchanged that key with who we say it is.  You can now chat away, with us forwarding your messages knowing that nobody in the middle can read your messages or impersonate your friend.

We’ll start to explore how the app detects if we’re messing with the public keys that we’re publishing, in the next post, when Mars attacks.

[1] This is to ensure that you don’t get sent a different public key in the message at face value asserting to be from a specific phone.

[2] Some might wonder what the point of signing the message is if it’s coming from the server over our shared secret channel which we’ve already authenticated.  This is a practical measure for security.  Secret keys must be available to the server processes to wrap and bundle our messages and anything we forward to you from others.  That means if a front line server is compromised somebody could start to impersonate us on that server fairly easily.  Our private key on the other hand is kept well away from the front line machines in a processes not on the same network directly connected to the servers terminating chat connections.  If we can afford it, we’ll use a hardware security module.

[3] This proves that someone hasn’t just managed to obtain your secret key (say from us) and that you have access to your private key still, the other half that we’ve authenticated and hold.

[4] Lastly, to close the loop on the protocol, the far end signs the acknowledgement.  Now notionally this isn’t actually necessary as you’ve encrypted your secret key with their public key so if they’ve decrypted it (and sent you a message back) you can assert they’ve got their private key.  That’s all well and good for single user channels but that isn’t so easy when you want to have multi-person chats with a group of friends.

Additionally: Private key operations are expensive, they take lots of processing power and that in turn eats battery life.  We use them for critical parts of the protocol but not everything all the time.


What’s it going to look like?

Hey there,

So as some if you have been asking, what it’s going to look like to get an idea of how it’s going to work we thought we’d share some screenshots.  It’s going to be easy to use and work in the way that applications are built for that device.  Once you download it, you’ll immediately know how to use it.  Expect the Windows Phone 8 version to be very different to this one but still guaranteeing the same level of privacy and security.

You can also get an idea of some of the features it has, multi user messaging, blocking, address book integration as well giving those who are interested, control of the inner workings.  If someone isn’t using Talaria, we’ll let you either invite them or give them a discounted version as a gift.

Active channels
Active channels

This shows your active chat  channels, who’s online (if they want to share that) and notifications of pending messages.

Simple chat screen, that you already recognise
Simple chat screen

This is the simple chat screen, we’re still deciding what this is going to look like and we’d like to give people more information about the chat, chat parties etc, sending files.  We’re also working on a one touch scheme to leave a voice message for someone.  Sometimes we find that tone gets lost in simple text messages and you just want to drop them a quick few words in your own voice.  Ever been having a really heated argument and said something you regret?  We’ve come up with a “Time-out” button that stops you (and them) from exchanging messages for 5 minutes.  There are lots of things about Talaria that are going to make you want to use it.

Address Book
Address Book

Your phone’s address book, allows you to easily find people you want to chat to and get them on board with Talaria.

App Settings
App Settings

A key feature of Talaria is to keep you in control.  We expect that many people will just use it to chat and not be too bothered about these.  One of the things that we do like is the idea that messages roll off.  We don’t store messages on the server once we’ve sent them to you and from a privacy perspective, it’s better that after a period of time the messages get deleted.  We find that when we want to refer to previous messages, it’s for getting timings, telephone numbers, places to meet, addresses and so on which is why as well as auto roll off of messages we have an encrypted message clipboard.  Just double tap the message in chat and it’s auto added to a clipboard we keep for you, that way things of importance are always, easily to hand, and you don’t need to go scrolling through hundreds of messages just to find that one email address or telephone number.  Of course if you want to just keep everything, you can turn the feature off.

Also in here, you’ll find things about the encryption keys, again, we expect most people won’t be fussed about this, but it’s all there for you to be able to check, rotate and purge.  This is also the jumping off point for security folks who want to make sure we’re doing what we should be.