Toggle light / dark theme

Expert Analysis Reveals Cryptographic Weaknesses in Threema Messaging App

A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users’ private keys.

The seven attacks span three different threat models, according to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong, who reported the issues to Threema on October 3, 2022. The weaknesses have since been addressed as part of updates released by the company on November 29, 2022.

Threema is an encrypted messaging app that’s used by more than 11 million users as of October 2022. “Security and privacy are deeply ingrained in Threema’s DNA,” the company claims on its website.

Quantum Breakthrough: Light Source Produces Two Entangled Light Beams

One potential application: Enhancing the sensitivity of atomic magnetometers used to measure the alpha waves emitted by the human brain.

Scientists are increasingly seeking to discover more about quantum entanglement, which occurs when two or more systems are created or interact in such a manner that the quantum states of some cannot be described independently of the quantum states of the others. The systems are correlated, even when they are separated by a large distance. Interest in studying this kind of phenomenon is due to the significant potential for applications in encryption, communications, and quantum computing.

Performing computation using quantum-mechanical phenomena such as superposition and entanglement.

Researchers develop a light source that produces two entangled light beams

Scientists are increasingly studying quantum entanglement, which occurs when two or more systems are created or interact in such a manner that the quantum states of some cannot be described independently of the quantum states of the others. The systems are correlated, even when they are separated by a large distance. The significant potential for applications in encryption, communications and quantum computing spurs research. The difficulty is that when the systems interact with their surroundings, they almost immediately become disentangled.

In the latest study by the Laboratory for Coherent Manipulation of Atoms and Light (LMCAL) at the University of São Paulo’s Physics Institute (IF-USP) in Brazil, the researchers succeeded in developing a light source that produced two entangled light beams. Their work is published in Physical Review Letters.

“This light source was an optical parametric oscillator, or OPO, which is typically made up of a non-linear optical response crystal between two mirrors forming an optical cavity. When a bright green beam shines on the apparatus, the crystal-mirror dynamics produces two light beams with ,” said physicist Hans Marin Florez, last author of the article.

Experts Warn of “Quantum Apocalypse”

Experts are warning that quantum computers could eventually overpower conventional encryption methods, a potentially dangerous fate for humanity that they’re evocatively dubbing the “quantum apocalypse,” the BBC reports.

Cracking today’s toughest encryption would take virtually forever today — but with the advent of quantum computers, they’re warning, the process could be cut down to mere seconds.

And that kind of number-crunching power could have disastrous consequences if it were to land in the wrong hands.

The Biggest Discoveries in Computer Science in 2022

As computer scientists tackle a greater range of problems, their work has grown increasingly interdisciplinary. This year, many of the most significant computer science results also involved other scientists and mathematicians. Perhaps the most practical involved the cryptographic questions underlying the security of the internet, which tend to be complicated mathematical problems. One such problem — the product of two elliptic curves and their relation to an abelian surface — ended up bringing down a promising new cryptography scheme that was thought to be strong enough to withstand an attack from a quantum computer. And a different set of mathematical relationships, in the form of one-way functions, will tell cryptographers if truly secure codes are even possible.

Computer science, and quantum computing in particular, also heavily overlaps with physics. In one of the biggest developments in theoretical computer science this year, researchers posted a proof of the NLTS conjecture, which (among other things) states that a ghostly connection between particles known as quantum entanglement is not as delicate as physicists once imagined. This has implications not just for our understanding of the physical world, but also for the myriad cryptographic possibilities that entanglement makes possible.

Google is testing end-to-end encryption for group chats in the Messages app

Google said today it is testing end-to-end encryption for RCS-based group chats on its Messages app — RCS stands for Rich Communication Services. The company noted that in the coming weeks it will be rolling out this feature to select users that are part of the app’s open beta program.

This comes after a bunch of Redditors noticed that Google was testing end-to-end encryption for group chats in October. The company’s latest announcement makes it official.

The search giant first started testing end-to-end encryption for individual RCS chats in 2020. In June, it rolled out the feature to all users of its Messages app.

/* */