Threema — Secure Messengers.. or not so secure? Part 3

Yesterday we took a look at Signal, and today we come to Part 3 of our Secure Messenger reviews with our thoughts about Threema.

Threema started life as an abbreviation: “EEEMA”, meaning “End-to-End Encrypted Messaging Application”. The three “E”s were a bit unwieldy, so it became “Threema”.

Threema uses the trusted open source NaCl cryptography library for encryption. The encryption keys are generated and safely stored on user’s devices to prevent backdoor access or copies.

We raised a few issues about Signal, and to be fair we also have some complaints about Threema as well. Other than the actual encryption, the rest of Threema is not open source. This is usually a big issue when it comes to trust, but it has to be said that Threema’s source code has been independently audited.

Another issue is when you have created a group but at a later stage you want to switch devices. Since the encryption happens on your device only, you won’t be able to continue with that group on another device. Even if you switch your identity over to another phone (this option exists), it still won’t help.

Threema also shares the same belief with Signal that Google services are the way to go when it comes to push notifications. However, unlike Signal, Threema offers a way around this. Under settings / troubleshooting you can select Polling and Polling interval (5/15 out of 30 minutes). Threema will then poll the messages from the server just like IMAP polling without push. Our experience was that we still received almost instant notifications. This is great!

Threema costs 2 CHF or an equivalent amount in either USD or EUR. You are not forced to rely upon Google Play or the Amazon store as you can purchase the APK directly at the Threema Shop with Bitcoin. This is what we did, installing Threema on a BlackBerry Passport and it works like a charm.

When you start Threema for the first time, you move your finger around the screen to generate your 8 digit Threema ID. This is a truly “decentralized” type of ID as it is generated away from any server. To sign up for Threema you need neither phone number nor email address, a unique feature which allows users to remain 100% anonymous. If you want to, there is an option to enter your email and phone number in your profile which will allow friends to find you. However, we recommend just to run with the Threema ID only.

To ensure maximum security, both the connection between the app and the servers and the one between the parties communicating with each other are encrypted separately. The former is especially important as anyone capturing network packets (on public wifi for instance) can’t figure out who is messaging to whom.

Users have total control over key exchange with encryption and decryption staying on their device only. The server operators or any other party are therefore unable to decrypt messages.

“Strength of the encryption: The asymmetric ECC based encryption used by Threema has a strength of 255 bits. According to a NIST estimate (page 64), this corresponds at least with the strength provided by 2048 bit RSA. ECDH on Curve25519 is used in conjunction with a hash function and a random nonce to derive a unique 256 bit symmetric key for each message, and the stream cipher XSalsa20 is then used to encrypt the message. A 128 bit message authentication code (MAC) is also added to each message to detect manipulations/forgeries.

Forward secrecy: Threema provides forward secrecy on the network connection (not on the end-to-end layer). Client and server negotiate temporary random keys, which are only stored in RAM and replaced every time the app restarts. An attacker who has captured the network traffic will not be able to decrypt it even if he finds out the long-term secret key of the client or the server after the fact.”

The auditing agency which Threema have employed, attested in their report as follows:

• Threema’s concepts meet the requirements for truly secure and trustworthy messaging.
• The application of the encryption is correct and implemented as documented by Threema.
• The used protocols are free of vulnerabilities.
• The app’s local data is stored in a safe and secure manner.
• The server components only store data that is absolutely necessary for message delivery.
• The servers are located in Switzerland.

Every message gets deleted from Threema’s server the moment it has been delivered to your device. Again, encryption takes place on your device. This makes Threema one of the best, if not the greatest messenger option around. You can also protect your actual app with a PIN, or on iOS with the Touch ID. (Apple claims that your fingerprints never reach the icloud but although there is no proof of this, let’s just assume it is true). Additionally, you select an encryption password which is used to encrypt the messages on your device.

All this effectively prevents the collection and misuse of your personal information, including meta data.

A nice feature is the Poll capability. This allows you to create unique polls and lets your group vote on things. There is an option for voice messages but it should be kept in mind that Threema doesn’t offer a calling feature.

For further privacy, Threema allows you to turn off the “message read” and “typing” indicators. In other words if you don’t want the other party see that you have read their message or that you are typing a reply, these indicators won’t be shown.

You can also Mute individual notifications (per member) or switch off group notifications. In addition, you can block a member entirely and never receive any notifications or text from him ever again. You can add members and remove members of a Group at any time as the administrator of the group.

Enter anyone’s Threema ID then you can start to text to them. Next to both of your names there will be a red dot which means neither of you is verified. Should you later meet up in real life, you can scan each other’s QR codes and the red dots turn to green indicating verification.

Threema also has the option to block some of the contacts which are texting to you. In other words, if someone knows your Threema ID but you never exchanged the QR code or a key fingerprint, he won’t be able to text you. If you enter his ID manually and he enters yours manually he will be able to text you as you both have exchanged your ID (not verified with a red dot). This also prevents a man-in-the-middle attack. You can select an option wherein everyone who knows your Threema ID can text to you. This is very practical should you want to post your ID on a website.

To give further confidence to users, Threema’s servers are located in Switzerland. But even if the servers are compromised it is reassuring to know that your encrypted communications could still not be read. Moreover, your messages are only on the server until they are delivered to your device. After that they are deleted.

If Threema were to be totally open source, it would be the ultimate messaging app. However we need to rely on the auditor’s report and so we have a link below with the full information. There were in fact 2 independent teams who looked over Threema’s claims and the source code.

Threema is great, and we use it and rely on it daily. They have recently brought out a new version with a fun “agree or disagree” feature for your incoming messages. Chat groups are increased to 50 members and if you are involved in several different chats at the same time, you can mute notifications for one or more of the chats. Individual notification sounds for each chat group are also available.

Threema Audit Report
Threema Whitepaper

Next: we will be taking a look at BBM protected and the day after that we will have a conclusion as to which of the 3 messengers really offers the best in features and security.