BYU

Abstract by Austin Kolander

Personal Infomation


Presenter's Name

Austin Kolander

Degree Level

Undergraduate

Co-Authors

Tarun Yadav
Aaron Chan

Abstract Infomation


Department

Computer Science

Faculty Advisor

Kent Seamons

Title

Performing a Fake Key Attack on Secure Messaging Apps

Abstract

Secure messaging apps encrypt a message end-to-end so that only the clients can read it. Examples include WhatsApp, Signal, and Facebook Messenger’s secret chat. These apps implicitly trust a centralized server to relay messages and deliver the correct encryption key, making them vulnerable to fake key attacks. We demonstrate how a malicious server can decrypt and read your sensitive messages while using these apps.