How does Threema compare to other messengers with encryption?
Many developers of messengers claim that their app encrypts the messages that users exchange. However, there are important factors to take into account:
Type of encryption
Other messengers: Transport encryption. With some messengers, only the connection between the user’s device and the server is encrypted, e.g. using TLS (formerly SSL). Although this means that messages cannot be intercepted while in transit (a common risk in public wireless LAN hotspots), they are decrypted once they reach the server, where the provider, or anyone who compromises or compels the provider, can read them.
Threema: Full end-to-end encryption. Threema protects all messages using end-to-end encryption – not only messages in single chats but also group messages, files, and even profile pictures and status messages. A fallback to unencrypted or merely transport-encrypted connections is impossible. In addition, a separate transport encryption is used to protect the header information in transit.
Other messengers: Proprietary encryption technologies and algorithms. Some messengers use home-grown encryption schemes that have not been publicly reviewed or whose design is controversial among experts.
Threema: Tried and trusted open-source encryption. Threema uses NaCl, a well-respected and widely used open-source cryptography library (Curve25519 key agreement, XSalsa20 encryption and Poly1305 authentication). Using Threema’s Validation Logging, anyone can independently verify that the encryption is applied correctly.
Other messengers: No means of verifying contacts’ public keys. If there is no way for users to verify that messages are actually encrypted with a contact’s proper public key, a messenger is open to man-in-the-middle (MITM) attacks: the service provider, which runs the automatic key exchange, could substitute its own keys in order to read or forge messages without users noticing.
Threema: Verification of contacts’ identities. With Threema, users can verify each other’s identities by scanning their QR codes in person. Because the key (or its fingerprint) is compared over a channel the provider does not control, a substituted key would be noticed, and users can be sure that the key they’re using to encrypt messages to a certain contact is actually that contact’s public key, not someone else’s.
Other messengers: Unspecified key-pair generation. Key pairs (private key and public key) are the pivotal element of asymmetric encryption, yet many messenger providers don’t disclose how the key pairs are actually created. If key pairs are created and distributed by the service provider, the provider could keep a copy of the users’ private keys, which essentially means that there is a backdoor.
Threema: Local key-pair generation from device randomness. Threema’s key pair is generated on the user’s device from random data. The private key never leaves the device and remains unknown to Threema; therefore, it is technically impossible for Threema to decrypt users’ messages.
Other messengers: Insufficient protection on users’ devices. Chats and files that are stored on users’ devices are protected only by weak encryption or are not encrypted at all.
Threema: Strong encryption on users’ devices. Chats and files that are stored on users’ devices are protected by strong encryption.
External security audits regularly review all security aspects of Threema, the used algorithms and protocols are well-documented, and the correct application of the encryption can be verified independently.