Not So Secret: Analysis of KakaoTalk's Chat E2EE Feature
KakaoTalk's Secret Chat feature has significant vulnerabilities, including susceptibility to man-in-the-middle attacks and lack of essential security measures. Users are advised to consider more secure alternatives like Signal.
The analysis of KakaoTalk's Secret Chat end-to-end encryption (E2EE) feature reveals several significant vulnerabilities. The Secret Chat option, which is not enabled by default, allows for E2EE messaging but is susceptible to man-in-the-middle (MITM) attacks. An attacker with server access could replace public keys without notifying users, enabling them to read encrypted communications. The protocol lacks essential security features such as ciphertext integrity, which means messages can be manipulated undetected, and freshness, allowing for potential replay attacks.
KakaoTalk's E2EE is opt-in, and users must manually verify public key fingerprints to ensure authenticity. The central public-key database managed by Kakao Corp. poses additional risks, as it can be exploited for MITM attacks if users do not compare keys. Furthermore, the absence of server authentication in the LOCO messaging backend raises concerns about trusting the server, which could lead to unauthorized access to sensitive information.
The analysis suggests that high-risk users should avoid using KakaoTalk's Secret Chat and opt for more secure alternatives like Signal. Users are advised to create new chat rooms for each conversation and to stop using the feature if any warning messages appear. Overall, while KakaoTalk has made efforts to provide E2EE, the existing flaws highlight the need for users to exercise caution and consider more robust messaging platforms.
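The two properties the summary says the protocol lacks, ciphertext integrity and freshness, can be shown as a receiver-side check. This is an added example, not KakaoTalk's code or code from the original analysis; the frame layout (8-byte counter, ciphertext, HMAC-SHA256 tag), the key and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size

def seal(mac_key: bytes, counter: int, ciphertext: bytes) -> bytes:
    """Sender: frame = 8-byte counter | ciphertext | tag (assumed layout)."""
    body = struct.pack(">Q", counter) + ciphertext
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

class Receiver:
    """Accepts a frame only if its tag verifies and its counter is new."""
    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.last_counter = -1  # highest counter accepted so far

    def open(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        # Integrity: constant-time tag check before the frame is parsed further
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        (counter,) = struct.unpack(">Q", body[:8])
        # Freshness: strictly increasing counter (also rejects reordered frames)
        if counter <= self.last_counter:
            raise ValueError("replayed or stale message")
        self.last_counter = counter
        return body[8:]  # authenticated ciphertext, ready for decryption

def verdict(rx: Receiver, frame: bytes) -> str:
    try:
        rx.open(frame)
        return "accepted"
    except ValueError as err:
        return str(err)

def demo() -> list:
    key = bytes(range(32))            # constructed key, illustration only
    ct = bytes.fromhex("8f11c0de5a")  # constructed stand-in ciphertext
    rx, first = Receiver(key), seal(key, 1, ct)
    tampered = bytearray(seal(key, 2, ct))
    tampered[8] ^= 0x01               # one ciphertext bit altered in transit
    return [verdict(rx, first), verdict(rx, first),
            verdict(rx, bytes(tampered)), verdict(rx, seal(key, 2, ct))]
```

`demo()` returns the receiver's verdicts for an original frame, the same frame delivered again, a frame with one altered bit, and the next genuine frame.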
If you are more serious about security and privacy, don’t use an app that still uses a broken protocol (SMS) that’s vulnerable to different types of attacks as your main ID. Use Matrix or similar instead.
The suggested alternative (Signal) at one point changed such warnings so that they are much easier to miss and/or ignore[1]. They are now shown in tiny light grey text and the user no longer has to acknowledge the warning at all. So not a great counterexample...
It seems that these types of things go through a natural evolution. First security at the expense of usability and then later usability at the expense of security. We really need to come to terms with the hard problem of E2EE usability rather than continue to engage in this constant waffling...
- the old adage "don't roll out your own cryptography" (even if you're one of the biggest conglomerates in one of the world's wealthiest countries).
- not a single person I know uses this secret chat feature - it's sadly still quite rare in Korea to meet a privacy-minded person even (especially?) in tech-focused groups, people use Telegram (which might be worse)