Facebook tests end-to-end encrypted Secret Conversations on Messenger

Need to discuss private information – say, that odd rash – with friends and family? Chat with your accountant about your financials or your wonky bookkeeping methods? Sext yourself into a lather?

Facebook’s working on it: the company announced on Friday that it’s testing end-to-end encrypted messaging as an opt-in service in Messenger.

It’s also trialling the Snapchat-ish ability to make the messages disappear: users will be able to set a timer to control how long each message remains visible.

So-called “Secret Conversations” will be readable only on the sender’s and the receiver’s devices. In other words, you can’t hop around from PC to phone to tablet and read the same message on any of the devices.

Nor can Facebook itself read the messages, it promises.

From the press release:

[The] one-to-one secret conversations in Messenger… will be end-to-end encrypted and… can only be read on one device of the person you’re communicating with. That means the messages are intended just for you and the other person – not anyone else, including us.

That comes with a caveat, though: Facebook will, in fact, be able to read messages if a party in the conversation reports it. From its technical report on Secret Conversations:

Facebook will never have access to plain text messages unless one participant in a secret conversation voluntarily reports the conversation.

But generally, Facebook won’t be able to read the encrypted conversations. That’s because the encryption happens right on a given device, using keys generated specifically for each new message.

Secret Conversations is built on the Signal protocol from Open Whisper Systems: the same protocol that WhatsApp relies on for end-to-end encryption and the same one that Google used in its new Allo end-to-end encrypted messaging app.

Cybersecurity expert Professor Alan Woodward, from Surrey University, told the BBC that Signal is well-tested and well-regarded in the cryptography community: he said if he had to choose from current messaging systems, he’d be looking for one based on Signal.

He noted, though, that Facebook hasn’t been particularly forthcoming with details of how Signal was implemented:

[Facebook’s technical report was] not as complete as many would like… I’d like to know more about exactly how it is implemented, or at least know that those who can analyze such systems have scrutinized the code.

Facebook says Messenger’s using the Signal protocol implementation currently available in open-source libraries for Android and iOS, but it’s added new abuse-reporting features to what’s in use now by other platforms.

Not all Messenger conversations will have end-to-end encryption. As was rumored last month, it’s opt-in: a choice that dissatisfied some in the security community.

Facebook put some thought into that decision, it says: as it is, Secret Conversations are going to be barebones, stripped of rich content like GIFs, videos, the ability to make payments, or other popular Messenger features.

From Facebook:

Starting a secret conversation with someone is optional. That’s because many people want Messenger to work when you switch between devices, such as a tablet, desktop computer or phone. Secret conversations can only be read on one device and we recognize that experience may not be right for everyone.

Facebook’s running tests on a limited basis, adding that Secret Conversations would become more widely available over the next few months.