In an effort to improve privacy and trust on the platform, X, formerly known as Twitter, recently introduced the ability to encrypt direct messages (DMs) between users through a new "end-to-end encryption" feature. Encrypted messaging is an important step towards privacy, but a closer look shows that X's implementation has significant limitations that undermine its security claims.
What is End-to-End Encryption?
End-to-end encryption is a form of encryption which ensures that only the sender and the intended recipient are able to decrypt and read the contents of a message. With end-to-end encryption properly implemented, not even X as the service provider can access the plaintext of messages as they pass through its servers. Encryption and decryption happen entirely on each user's device.
How X Encrypts Messages
Through reverse engineering of X's code, security researchers have found that X utilizes both symmetric and asymmetric encryption for its private messaging:
- A fresh symmetric "conversation key" is generated for each thread and used with the Advanced Encryption Standard (AES) to encrypt the actual content of every message in that thread.
- The conversation key is then encrypted (wrapped) with asymmetric, public-key encryption: the recipient's public key encrypts it, and only the corresponding private key can decrypt it.
- Each user's device generates its own asymmetric key pair. The public key is registered to the X account; the private key stays on the device. Only a device holding a private key that the conversation key was wrapped to can take part in the conversation.
While this general approach of wrapping a symmetric key with public-key encryption is sound, X's implementation lacks some important safeguards for privacy and security.
Potential Issues with X Encryption
- Device Identity Management: By its own account, X can replace a user's registered public key without notifying them. Because the conversation key is wrapped to whatever public key the server hands out, a substituted key lets X (or anyone who controls the key server) unwrap the conversation key with the matching private key and read the messages. Signal, by contrast, notifies users when a contact's keys change and lets them verify safety numbers out of band.
- Lack of Perfect Forward Secrecy: One conversation key protects every message in a thread for the thread's lifetime, so anyone who obtains it can decrypt the entire history. Messengers with forward secrecy, such as Signal, ratchet to fresh keys as the conversation proceeds, so a compromised key exposes at most the messages sent after the compromise, never the earlier history.
- Closed Source Code: Without published source, independent analysts cannot thoroughly review the implementation and confirm that it works as described.
- No External Audits: X has not published any security audit of its encrypted messaging system by an outside organization.
- Limited Availability: Encrypted DMs can only be used between paid or verified accounts, limiting their usefulness.
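The scheme described in "How X Encrypts Messages" and the first two issues above, played out in code. This is an added example and not X's code or anything from the original article: the primitives (RSA-OAEP for the key wrap, AES-256-GCM for messages, an 8-byte SHA-256 fingerprint), the participants Alice, Bob and Mallory and the sample messages are all assumptions made here for illustration. The scenario wraps one conversation key to Bob, then has the key server silently serve Mallory's key under Bob's account; it reports whether a pinned fingerprint would have caught the swap and whether Mallory can then read the whole earlier history.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// Device models one client: the private key never leaves it; the public key is
// registered to the account. RSA-OAEP is assumed here for illustration only.
type Device struct{ priv *rsa.PrivateKey }

func NewDevice() *Device {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	must(err)
	return &Device{priv: k}
}

func (d *Device) Public() *rsa.PublicKey { return &d.priv.PublicKey }

// Fingerprint is the short key digest a client pins to notice a replaced key.
func Fingerprint(pub *rsa.PublicKey) string {
	sum := sha256.Sum256(pub.N.Bytes())
	return fmt.Sprintf("%x", sum[:8])
}

// NewConversationKey returns a fresh 256-bit AES key for one thread.
func NewConversationKey() []byte {
	k := make([]byte, 32)
	_, err := rand.Read(k)
	must(err)
	return k
}

// WrapKey encrypts the conversation key to a recipient public key; only its private key unwraps it.
func WrapKey(key []byte, pub *rsa.PublicKey) []byte {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	must(err)
	return ct
}

func (d *Device) UnwrapKey(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, wrapped, nil)
}

// Seal encrypts one message with AES-256-GCM; output is nonce || ciphertext+tag.
func Seal(key, plaintext []byte) []byte {
	block, err := aes.NewCipher(key)
	must(err)
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	_, err = rand.Read(nonce)
	must(err)
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

// Open reverses Seal; it fails on a wrong key or a tampered or truncated message.
func Open(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	must(err)
	gcm, _ := cipher.NewGCM(block)
	if n := gcm.NonceSize(); len(msg) >= n {
		return gcm.Open(nil, msg[:n], msg[n:], nil)
	}
	return nil, fmt.Errorf("message too short")
}

// Scenario: Alice and Bob share one conversation key; the key server then serves
// Mallory's key under Bob's account and Alice's client re-wraps the same key to it.
func Scenario() (swapDetected, malloryReadsAll bool) {
	bob, mallory := NewDevice(), NewDevice()
	pinned := Fingerprint(bob.Public()) // Alice saw Bob's genuine key once
	convKey := NewConversationKey()
	history := [][]byte{ // constructed sample messages, sent before the swap
		Seal(convKey, []byte("msg 1: invoice details")),
		Seal(convKey, []byte("msg 2: meeting moved to Friday")),
	}
	served := mallory.Public() // what the server now claims is Bob's key
	swapDetected = Fingerprint(served) != pinned
	leaked, err := mallory.UnwrapKey(WrapKey(convKey, served))
	must(err)
	malloryReadsAll = true
	for _, m := range history {
		_, err := Open(leaked, m)
		malloryReadsAll = malloryReadsAll && err == nil
	}
	return swapDetected, malloryReadsAll
}

func main() { fmt.Println(Scenario()) }
```

Running it prints `true true`: a client that pins and compares fingerprints would notice the replaced key, but a client that trusts whatever the server serves hands the attacker the one key that unlocks every message in the thread, past and future. A forward-secure design would derive a fresh key per message and discard the old ones, so the same leak would expose only what was sent after it.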
While expanded encryption options are welcome, X's current implementation has deficiencies that raise questions about whether it delivers true end-to-end privacy. For casual use, it offers a step up from no encryption, but more work is needed before it can be relied on for highly confidential exchanges. Open source encrypted messengers generally give users stronger privacy assurances.
Who Can Use Encrypted Messaging on X?
X heavily restricts who is even eligible to use encrypted DMs. The feature is only available for direct conversations between two accounts that are:
- Signed up for Twitter Blue, X's paid $8/month subscription service.
- Verified through one of X's verification processes (blue checkmark accounts).
Additionally, both accounts must already be connected in some way, either by following each other or by having previously exchanged DMs. This makes the encrypted messaging network small, largely limited to celebrities, journalists and other public figures rather than the average X user.
Some have criticized this approach as "paywalling" a basic privacy feature. It also misses a key benefit of platforms like Signal, which allow encrypted communication between any two users globally as long as they know each other's phone numbers. For sensitive discussions, such a limited reach severely hampers the utility of X's encryption claims.
Comparing X to WhatsApp and Signal
To put X's encrypted messaging capabilities in perspective, it's worth comparing them to the industry-leading encrypted messengers WhatsApp and Signal:
WhatsApp
- Uses the open-source Signal Protocol for all personal messages and calls.
- Encryption is enabled by default for all users; no subscription or opt-in is required.
- Includes security features like key verification (security codes) and forward secrecy.
Signal
- Also uses the Signal Protocol, which it pioneered as Open Whisper Systems.
- Fully open source client and server code allows independent cryptographic review.
- The most privacy-focused implementation: forward secrecy, key change notifications and safety-number verification are all built in.
Compared to these platforms, which have earned the trust of security experts worldwide, X falls short through its restrictive access, technical compromises and opaque proprietary implementation. Unless the platform commits to addressing the known issues, users seeking true privacy have better options.
Should You Use X's Encrypted Messaging?
Given the above limitations, security experts do not consider X's implementation robust enough for highly sensitive conversations. Some key takeaways on when to use X encrypted messaging:
- For casual DMs between friends, it provides improved privacy over regular DMs, which X can read directly. The encryption raises the bar against casual access by employees, although the key-replacement issue above means it is not a guarantee against a determined insider.
- However, do not rely on it for communications where compromise could have serious consequences, such as confidential business discussions or communications with whistleblowers. More hardened options like Signal are recommended.
- X says it plans to add features like cryptographic signature checking in the future, but until major changes are made and independent audits pass, there is no guarantee of robust privacy.
- The closed and proprietary nature means there is no way to fully vet their security claims. Open source alternatives provide far more transparency.
- If you must use X's platform for DMs, enable encryption when possible. But be aware that the security is unaudited compared to vetted apps explicitly focused on privacy.
X's move towards encryption is a step in the right direction, but its implementation falls short of providing true end-to-end security because of the technical compromises described above. While a reasonable option for general chatting, its limitations mean sensitive data is safer communicated elsewhere for now.
Unless and until X addresses the known deficiencies, for instance by adopting rigorous open standards like the Signal Protocol and publishing independent audits, security experts cannot fully endorse relying on it for sensitive use cases. For general social messaging, it offers marginal gains over the total visibility X has into standard DMs.
With further development it could become a viable private communication option, but for now dedicated messengers like Signal remain far more trusted for truly private conversations. Only time will tell whether X follows through.