Messaging services like WhatsApp and Telegram use end-to-end encryption (E2E) to secure messages sent and received. Their systems uses a single company's server to store encrypted information.
Complete dependence on a single firm’s server prevents users from being able to control how their private messages are being handled.
(Sign up to our Technology newsletter, Today's Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)
Researchers at Carnegie Mellon University have devised a new security protocol to decentralise E2E, enabling users to store their messages in a more flexible network.
The system is an extension of the steady group key settlement (GKA) — a previously developed safety protocol that permits a group of people to send and receive messages without relaying on a message group supervisor. “If your message is routed through one server and the company raises the prices or shuts down, you could switch to another server seamlessly,” the team noted.
Also Read | Quantum computers pose security threats, report says
If users are using a central server run by a company to communicate, but it gets blocked or shut down, they could switch to a self hosted server that is physically in one of their homes, the team noted.
“If that’s blocked too, or if the whole Internet is shut down, they could switch to using a mesh network in which nearby devices connect over Bluetooth,” the team said in a paper titled ‘Key Agreement for Decentralized Secure Group Messaging with Strong Security Guarantees’.
"Right now, messaging app companies are in charge of users, when really it should be the other way around," one of the researchers noted. "Users should have the freedom to choose how their messages are handled.
