Abstract
Instant messaging services are quickly becoming the most dominant form of communication among consumers around the world. Apple iMessage, for example, handles over 2 billion messages each day, while WhatsApp claims 16 billion messages from 400 million international users. To protect user privacy, many of these services typically implement end-to-end and transport layer encryption, which are meant to make eavesdropping infeasible even for the service providers themselves. In this paper, however, we show that it is possible for an eavesdropper to learn information about user actions, the language of messages, and even the length of those messages with greater than 96% accuracy despite the use of state-of-the-art encryption technologies simply by observing the sizes of encrypted packets. While our evaluation focuses on Apple iMessage, the attacks are completely generic and we show how they can be applied to many popular messaging services, including WhatsApp, Viber, and Telegram.