You’ve probably guessed by now that the Aegees approach basically means that we never choose between usability and security. For us, providing both is a must. Our goal is to create a messaging app that will give users the ultimate in communication freedom combined with unprecedented levels of security so that even the wildest conspiracy theorists would feel carefree about using it. We applied the same approach to the way new devices are connected and synchronized.
Quite a few messaging apps have been hacked by a Trojan introduced during synchronization with an infected device. As soon as the user confirms a newly connected device for synchronization, the Trojan creates a “backdoor” giving hackers full access to the message history.
Being committed to user security, we decided to develop a system that would make this impossible. We thought that separating encryption workflows for known and new devices would solve the problem. First, Aegees will run encryption protocols on devices that have already been connected and verified, using the public encryption keys. For all new devices, however, Aegees will generate a new pair of keys: one public and one private. Because private keys are never transferred anywhere, the new device will never be able to intercept them and access any messages that were exchanged before it was connected. This eliminates the danger of a “connection hack”.
Once a new device is connected, a synchronization request will be sent to all previously connected devices belonging to the Aegees user. When the user accepts, all his or her text messages, call history and profile data will be transferred to the new device in one batch, encrypted using the user’s encryption key. The user will then be able to decrypt the data on the new device.
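The flow described above, as an added Go example (not Aegees code): the new device generates its own key pair, and an already-verified device encrypts the history batch to the new device's public key, so no private key is ever transferred. The algorithms (X25519, SHA-256 as a stand-in KDF, AES-256-GCM) and all function names are assumptions, since the post does not name any.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// NewDeviceKey makes the pair a new device generates for itself; only the public half is sent.
func NewDeviceKey() (*ecdh.PrivateKey, error) { return ecdh.X25519().GenerateKey(rand.Reader) }

// aeadFor derives a one-time AES-256-GCM key from the X25519 secret and both public keys.
func aeadFor(priv *ecdh.PrivateKey, peer, eph, dev *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append(append(shared, eph.Bytes()...), dev.Bytes()...)) // stand-in for HKDF
	block, _ := aes.NewCipher(key[:])                                            // cannot fail: key is 32 bytes
	return cipher.NewGCM(block)
}

// SealBatch runs on an already-verified device: encrypt the history batch to the new device.
// The zero nonce is acceptable only because each derived key encrypts exactly one batch.
func SealBatch(dev *ecdh.PublicKey, batch []byte) (*ecdh.PublicKey, []byte, error) {
	eph, err := NewDeviceKey() // ephemeral sender key, used for this one batch only
	if err != nil {
		return nil, nil, err
	}
	aead, err := aeadFor(eph, dev, eph.PublicKey(), dev)
	if err != nil {
		return nil, nil, err
	}
	return eph.PublicKey(), aead.Seal(nil, make([]byte, aead.NonceSize()), batch, nil), nil
}

// OpenBatch runs on the new device, using the private key that never left it.
func OpenBatch(devPriv *ecdh.PrivateKey, eph *ecdh.PublicKey, ct []byte) ([]byte, error) {
	aead, err := aeadFor(devPriv, eph, eph, devPriv.PublicKey())
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, make([]byte, aead.NonceSize()), ct, nil)
}
func main() {
	dev, _ := NewDeviceKey()
	eph, ct, _ := SealBatch(dev.PublicKey(), []byte("constructed history batch"))
	fmt.Println(OpenBatch(dev, eph, ct))
}
```

A batch sealed this way opens only with the target device's private key, and GCM authentication rejects a batch that was modified in transit.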
As far as we know, no other messaging application uses this or even a similar approach to connecting and synchronizing new devices. Other developers have experimented with a range of solutions so far: at one end of the spectrum, dropping new device synchronization altogether to maintain security; at the other, ignoring the problem to give users better usability. The Aegees approach provides both.