Facebook Friday began rolling out a new feature in Messenger, dubbed Secret Conversations, that will offer end-to-end encryption based on the Signal Protocol developed by Open Whisper Systems, according to a company blog post.
The optional feature will “better support conversations about sensitive topics,” the company wrote, noting that, like banks and shopping websites, Messenger already uses secure communications and a bevy of Facebook tools designed to block malware and spam.
But for more private communications that require additional safeguards, the option will let users “create one-to-one secret conversations in Messenger that will be end-to-end encrypted and which can only be read on one device of the person you’re communicating with,” the post said. “That means the messages are intended just for you and the other person — not anyone else, including us.”
The company said the feature is optional because some users want to be able to use Messenger when they use more than one device. “Secret conversations can only be read on one device and we recognize that experience may not be right for everyone,” Facebook said, noting that secret conversations doesn’t now support GIFs, videos and other rich content or the ability to make payments. It also doesn’t support some other Messenger features popular among users.
The Secret Conversations feature “is a distinct conversation mode” within Messenger that relies on “Signal Protocol’s implementation as available in the opensource libsignal-protocol-java and libsignal-protocol-c libraries for Android and iOS respectively,” according to an 11-page technical paper released by Facebook, though the feature “also incorporates new abuse-reporting features which are not present other platforms” using the same protocol.
Each of the two devices in a conversation manages a number of cryptographic keys, all of which “are generated or derived on-device,” the tech paper explained. None of the private keys are ever sent to Facebook.
Messages are “encrypted with AES·CBC and authenticated using HMAC·SHA256,” the company said, with “the unique MK is derived from the current CK and RK.”
Metadata about the conversations is not end-to-end encrypted.
Conversation participants will be able to voluntarily alert Facebook to abusive content, though the tech paper noted that the user interface to report abuse is “currently under development.” At no time does the reporting function “represent a relaxation of the end-to-end encryption” guaranteed, according to tech documentation. In fact, Facebook wouldn’t be able to access plaintext messages unless a conversation participant voluntarily offered up the conversation. The Secret Conversations feature includes a mechanism to perform ‘franking’ of messages sent through Facebook,” which is akin “to placing a cryptographic stamp on the message, without learning the message content.”
Open Whisper Systems called the Secret Conversations release “a big step” though it noted in a blog post that Secret Conversations “does not enable end to end encryption for all conversations by default, like you’d find in WhatsApp or Signal.”
In April, WhatsApp integrated the Signal Protocol into its online messaging service, delivering on a promise to provide that encryption to its users.
While the company is testing Secret Conversations on a limited basis, it expects to roll it out on a wider basis later in the summer. “We hope that Messenger will continue to iterate on this deployment to make end to end encryption more pervasive throughout their product,” Open Whisper wrote.