7 of 10Image
CryptoCat has faced its fair share of criticism over security flaws — but, according to cryptography experts, its code is maturing.
CryptoCat's desktop encrypted IM service is implemented in the browser and was designed to make using encryption easier.
After an initial rejection, last week CryptoCat's founder Nadim Kobeissi succeeded in getting Apple's approval to distribute its new iOS app on the App Store.
Kobeissi explains: "Users enter a conversation using a one-time nickname. There are no buddy lists or account activity or account history to link back to the user. This way, CryptoCat offers a unique ephemerality that makes setting up encrypted conversations immediate and without any lasting history that can be traced back to users.
"CryptoCat for iPhone uses the [Off-the-record] OTR protocol for private conversations, and our solidly maturing multi-party protocol for group conversations. With our current research into mpOTR, we hope to soon offer an upgraded global standard that brings CryptoCat’s encryption system to other platforms as well."
According to encryption experts, OTR is a well-studied protocol for one-to-one communications, but question marks still hang over the multi-party variant. An Android app is on the way.
The Onion Browser for iOS
The Onion Browser promises access to the dark net from your mobile phone and tunnels web traffic through The Onion Router (TOR) encrypted network.
The Onion Browser is only for iOS devices and has been developed independently of the Tor Project, which maintains its own Tor browser for desktops.
However, the Onion Browser offers similar benefits, such as masking the user's IP address and web browsing activities. It also allows users to access hidden services at .onion addresses and a one-click option to clear browser cookies.
Anyone concerned about their privacy should probably read the disclaimer by the app's developer, Mike Tigas, who notes that regardless of the app, iOS devices may still leak traffic from other services and apps on the device to network providers. Also, the Onion Browser also won't conceal who you are if you log into a service outside of the Tor network.
It's available for 99 cents from the Apple App Store.
SeeCrypt's current app for Android and iOS supports encrypted voice calls and text messages over mobile networks and wi-fi. Like other apps, it only allows encrypted communications between devices installed with the app.
The South African company says its app uses "double layer, end-to-end, military-grade encryption software".
To establish trust between two users who wish to start an encrypted data transfer, SeeCrypt relies the exchange of public keys between devices. "Two different public-key systems (RSA and ECDSA/ECDH) are used for the key negotiation and authentication, and two different stream ciphers (AES in counter mode and RC4) are used for the data encryption," it explains.
The 'double layer' refers the two stream ciphers it employs, which is meant to keep data protected in the event that of the above mentioned algorithms is broken.
SeeCrypt plans on releasing a new version of the app called SC3, which will support group messaging and Outlook Calendar synchronisation.
The app is free to install, but costs $3 a month to use. The company plans on releasing a BB10 and Windows Phone version later this year.