Worldwide Government surveillance raises privacy concerns and acquisition of WhatsApp by Facebook also made us think about the security concern with chat applications as well; though it was not so secure previously.
People who care about having their SMS and Instant messages protected from prying eyes, now they can use end-to-end encrypted services, like TextSecure. It is a free Android-based messaging app, completly open-source, easy to use and designed with privacy in mind.
Encrypting the stored data on the servers is as important as transferring data over an encrypted connection, but the most important factor of the encryption is that 'who has the decryption key'. If the company has the keys, then Government could snoop through your files.
TextSecure provides frictionless end-to-end i.e. local encryption to solve the privacy and security issues i.e. Local encryption and decryption. With end-to-end encryption, the data is decrypted only at the end points. All messages that are sent or received with TextSecure are stored in an encrypted database.
We can call TextSecure as a 'peer-to-peer messaging app', where messages are encrypted on one end, and only after they reach their intended recipients they are decrypted.
TextSecure developed by a team that includes security researcher and cryptographer Moxie Marlinspike, who also created the secure RedPhone app. Latest release now offers encrypted group chat, media attachments and push messaging capabilities and for security point of view, it includes advanced ratchet, and enhanced deniability. TextSecure also provides forward secrecy in asynchronous mode which is not possible if you are using GPG to encrypt your communication.
While creating an account with TextSecure, you will be asked to create a password, used to encrypt all secret information, and users are recommended to select a strong password here, but keep in mind that a lost password cannot be recovered.
In order to ensure that no 'man in the middle' attack has occurred, one can verify the recipient key's fingerprint by selecting options from menu i.e. Secure Session Options > Verify Recipient Identity.
Android users can install this secure messaging application from Google Play Store, but if you have an iPhone then you have to wait, because in coming months TextSecure will be going fully cross-platform and will release an iOS app and a Web browser add-on.
In a previous post, we have recommended a few more Secure Instant Messaging applications.. Have a look.
