If somebody sells you “end-to-end” encryption, you should probably be sure that is what you are getting.

Source: Ars Technica

The details: Dutch police totally pwned a supposed end-to-end encryption service called IronChat, decrypting 258,000 messages related to criminal activity in the Netherlands.

Blackbox-security.com sold what was called the IronPhone which provided an app called IronChat which purported to only be able to send encrypted text messages. Police arrested two people involved with the phone service on charges of money laundering and participation in a criminal organization.

Police in the Netherlands were able to tracks the messages sent with the IronChat app to, “close down a drug lab in Enschede and confiscate automatic weapons, large quantities of MDMA and cocaine, and 90,000 euros in cash.”

IronChat also falsely advertised that it was endorsed by world-famous leaker Edward Snowden, yet Snowden’s representatives claim they have never heard of the service and certainly never endorsed the app.

Why it matters: If Dutch police were truly able break the end-to-end encryption of a messaging app, that would be a massive story that would make all cryptologists—criminal or otherwise—fairly nervous.

What actually happened appears to be more a comedy of errors than a true hack by the authorities.

Much like the blockchain, end-to-end encryption (like the kind employed by messaging app Signal) relies on the communication between two cryptographic keys. A message is encrypted from the originating device (not on the server or in the cloud) and is only accepted by the recipient device with the corresponding encryption key. The simple cryptography has been in use for a long, long time. Unless you have the keys, or have clues on how to decode them (the most famous instance of this being how the Allies decoded German messages in World War II, the team led by Alan Turing at Bletchley Park), sophisticated encryption is nearly impossible to break.

It appears that Dutch authorities were able to break the encryption because of an error in the IronChat system.

As reported by Ars:

An article published by Dutch public broadcaster NOS said a version of the IronChat app it investigated suffered a variety of potentially serious weaknesses. Key among them: warning messages that notified users when their contacts’ encryption keys had changed were easy to overlook because they were provided in a font much smaller than the rest of the conversation. While crypto keys often change for legitimate reasons, such as when someone obtains a new phone, a new key might also be a sign a third party is trying to intercept the communications by encrypting them with a key it controls.

The hacker’s perspective:

Steven Mccormack, Automation Engineer at Randori, says:

"Engaging in covert, potentially illicit activity requires adopting a trust no one mindset. When faced with maintaining privacy against high stakes, tools must be selected carefully, and vetted thoroughly. Given the variety of poor UX features (small notifications about keys), and technical bugs (no server validation, useless panic button) present in IronChat's application it already throws red flags as an insecure tool for use by a clandestine organization. Given the carelessness of the exposed bugs there is reason to believe that more exist within this device. Blackbox-security.com, the retailer of the IronChat phone, also appears to have fabricated quotes by Edward Snowden to encourage sales. IronChat seems to have relied on marketing rather than technical superiority to sell these devices. Thoroughly testing and challenging any claim made by a third party manufacturer should be a high priority for any organization serious about maintaining privacy."