Open WhisperSystems has announced that its TextSecure protocol, a service that allows users to communicate with encrypted text messages, will be shipped with CyanogenMod, the open source aftermarket Android firmware distribution.
Cyanogen Mod has ten million users and around 20k installs a day, with a growth that is beginning to rival some of the big players in smartphone OS distribution.
On a blog post on its website, WhisperSystems said: "We want everyone to have access to advanced secure communication methods that are as easy and reliable to use as making a normal phone call or sending a normal text message.
"The TextSecure protocol will begin shipping as part of the CyanogenMod OS-level SMS provider, in an effort to provide completely transparent end-to-end text message encryption between all of their users."
The firm explained that if an outgoing SMS message is addressed to another CyanogenMod or TextSecure user, it will be transparently encrypted and sent over the data channel as a push message to the receiving device. That device will then decrypt the message and deliver it to the system as a normal incoming SMS.
"The result is a system where a CyanogenMod user can choose to use any SMS app they'd like, and their communication with other CyanogenMod or TextSecure users will be transparently encrypted end-to-end over the data channel without requiring them to modify their work flow at all."
The encryption layer is the TextSecure V2 protocol, which employs the Axolotl forward secrecy ratchet for forward secrecy and the 3DHE agreement for deniable messages.
The TextSecure V2 cryptographic primitives are Curve25519, AES-256, and HmacSHA256. The transport protocol is the TextSecure Push API, which makes use of a prekey system to obtain forward secrecy in an asynchronous messaging environment. The client logic is contained in a CyanogenMod system app called WhisperPush, which the system hands outgoing SMS messages to for optional delivery.
The Cyanogen team runs their own TextSecure server for WhisperPush clients, which federates with the Open WhisperSystemsTextSecure server, so that both clients can exchange messages with each-other seamlessly. All of the code involved throughout the entire stack is fully Open Source.
Geodis Wilson is a leading global freight management company, providing IT solutions based on transparent e-Services and delivering tailor-made,...