X, formerly Twitter, has begun to release its new encrypted messaging feature called “chat” or “xchat”.
The company claims that the new communication feature is end-to-end encrypted, which means that the messages exchanged in it can only be read by the sender and their receiver and-theoretically-one else, including X, cannot access them.
However, cryptography experts warn that the current application of encryption on Xchat should not trust. They say it is much worse than the signal, a technology that is widely considered the state of art when it comes to encrypted end to end.
In Xchat, once a user clicks “Setup Now”, the X asks them to create a four -digit pin, which will be used to encrypt the user’s private key. This key is then stored on X’s servers. The private key is essentially a secret cryptographic key that corresponds to each user, serving the purpose of deciphering messages. As in many end -to -end encrypted services, a private key is combined with a public key, which is what a sender uses to encrypt messages on the receiver.
This is the first red flag for Xchat. Signal stores a user’s private key on their device, not on its servers. How and where exactly the private keys are stored on the X servers are also important.
Matthew Garrett, security researcher that posted a blog post Regarding Xchat in June, when X announced the new service and slowly began to overflow it, he wrote that if the company does not use what they are called hardware or HSMS units to store the keys, then the company could violate the keys and possibly decipher. HSMS are servers that are made specifically to make it difficult for the company to have access to the data.
XE said In one position in June that the company is using HSMS, but neither the company has provided any evidence so far. “Until this is done, this is’ trust us, bro ‘ground,’ Garrett told Techcrunch.
The second red flag, that the HA itself admits On the Support page of the X Chat is that the current implementation of the service could allow “malicious confidential or x” to reconcile the encrypted conversations.
This is what is technically called “opponent-in-medium” or AITM attack. This makes the whole point of a platform of encrypted encrypted messaging platform.
Garrett said the X “gives you the public key every time you communicate with them, so even if they have implemented it correctly, you cannot prove that they have not created a new key” and executed an AITM attack.
Another red flag is that none of the Xchat application at this point is an open source, unlike Signal’s, which is openly documented in detail. X she says Its purpose is to “open our application and to describe in -depth encryption technology through a technical white paper later this year.”
Finally, X does not offer “Perfect secrecy forward“A cryptographic mechanism by which each new message is encrypted with a different key, which means that if an intruder compromises in the user’s private key, they can only decipher the last message and not all the previous ones. admits This gap.
As a result, Garrett does not believe that Xchat is at a point where users still have to trust it.
“If all stakeholders are fully reliable, the x application is technically worse than the signal,” Garrett told TechCrunch. “And even if they were fully credible to start, they could stop being reliable and compromise trust in many ways […] If they were either unreliable or incapable of initial application, it is impossible to prove that there is some security. ”
Garrett is not the only specialist to cause concerns. Matthew Green, a cryptography expert who teaches at Johns Hopkins University, agrees.
“For the time being, until I get a complete control of someone reliable, I wouldn’t trust it more than I trust current non -encrypted DMS,” Green told TechCrunch. (Xchat is a distinctive feature that lives, at least for now, along with Legacy’s immediate messages.)
X did not answer several questions sent to the email address of the press.
