Department of Computer Engineering
MS THESIS PRESENTATION
Designing Secure Mobile Messaging Over Internet
(Supervisor: Assoc. Prof. Dr. İbrahim Körpeoğlu)
Computer Engineering Department
Mobile messaging over Internet is one of the most actively used communication methods. As it is heavily used for almost all kind of topics, the security of it becomes a major concern. However, there is no widely accepted security protocol standard for it. Each implementation either defines its own security protocol or adopts an existing one. We have defined a set of security requirements for secure messaging applications. Some of the most popular secure messaging applications (Cryptocat, Telegram, Threema and Signal) are analyzed according to these requirements. We have also designed our solution to match the requirements and improved its security as much as possible without harming the usability. Our solution provides E2E encrypted messaging with PFS support, local disk encryption, certificate pinning, improved random number generation with user input and uses a strong KDF. Our design rationales for the requirements are presented and discussed in detail.
DATE: 20 January, 2016, Wednesday @ 10:00