Sydney-based inventor Mark Pesce has developed a way to use public key cryptography over private Twitter messages in response to the social media site providing the US Department of Justice (DOJ) access to user accounts last year.
Pesce, who is better known locally for being a judge on the ABC's The New Inventors series and co-inventor of Virtual Reality Markup Language, said that "it has become clear that Twitter users require a secure communication channel; one that, even when subpoenaed, would not easily give up its secrets".
To meet this objective, Pesce created CrypTweet, a Python-based program that allows users to generate the necessary RSA key pairs for public key cryptography and then use them to encrypt the contents of direct messages between two parties.
To read and send encrypted messages, CrypTweet uses a locally installed web service. The public part of the key pairs are stored on CrypTweet servers.
However, there are a number of caveats.
Since releasing CrypTweet yesterday afternoon, a number of individuals have examined the open-source code and identified security flaws. Pesce wrote on the project's website that he was waiting for an analysis of the flaws, hopefully to remediate them, and until more is known, users should consider that it may not be completely secure.
"A false sense of security is a dangerous thing for any piece of code to provide, so keep in mind that until these reviews are complete, CrypTweet may only provide the illusion of security."
One of Pesce's reasons for starting CrypTweet was to give people like Wikileaks volunteer Jacob Appelbaum, who had his Twitter account and Gmail correspondence seized by the DOJ, a second chance at secure communications. However, Appelbaum has been slightly critical of its success.
"If you're building a cypto [sic] system for communications — ask yourself — does it provide the same properties as [off the record messaging]? No? Stop — try again," he wrote from his Twitter account this morning.
Off-the-record messaging goes further than public key cryptography in that in addition to providing encryption and authentication. It also specifies that the cryptographic mechanism used should provide for forward secrecy — that if private keys are compromised, previous conversations can't be read or confirmed to have taken place; and deniability — messages that are sent aren't signed and that messages after the conversation can be forged to provide a plausible case for denying involvement.
Even if Appelbaum had used CrypTweet, it is possible that the existence of a conversation between him and a third party could be confirmed by using the public key to verify the authors of messages. It is possible that this could then be grounds to further implicate Appelbaum or the third party in a case.
Other concerns raised over CrypTweet mainly focus around the implementation of the encryption used, with some users on Hacker News criticising it and stating that CrypTweet does not generate strong prime numbers, which are used for creating the RSA key pairs.
Recently, two researchers conducted a survey (PDF) of about 7 million public keys and found that a small number — about 27,000 — had implemented the RSA algorithm using poorly selected prime numbers, which resulted in providing next to no security.
At the time of the research, RSA told ZDNet Australia that its analysis of the data pointed to the need for better care in implementation.
"We see no fundamental flaw in the algorithm itself, and urge all cryptography users to ensure good implementation and best practices are followed."