Skype Gets End-To-End Encryption With Signal Protocol

Microsoft has introduced end-to-end encryption into Skype with its latest preview release, in a collaboration that will see it using the widely used Signal protocol.

The move brings Skype more closely into line with other popular online communications tools, including WhatsApp, Facebook Messenger and Google Allo, as well as the Signal application.

Those progams all offer end-to-end encryption using Signal, designed to protect communications from being read by anyone but the sender and the receiver.

That means the communications companies themselves, as well as law enforcement authorities, are in theory incapable of listening in on users’ conversations, something that has brought the feature in for criticism by government figures.

Private Conversations

Microsoft’s collaboration with Signal introduces a Private Conversations feature into Skype, beginning with the latest available to testers.

While some apps, such as WhatsApp and Signal itself, encrypt all communications by default, Skype’s implementation requires users to launch the feature for particular conversations, which can include audio calls, text messages and files, but not video calls. The content of the private conversations is hidden in users’ chat lists and notifications.

Currently private conversations can only be used for one-on-one communications, not group calls or chats, and on one device per user at a time. The user can switch the conversation to another device, but the messages sent and received are tied to the device used at the time, Microsoft said.

Microsoft said it’s working on improving the user experience around the chat invitation and bringing the feature to the Universal Windows Platform (UWP) version of Skype, which would enable it to run across desktop and mobile platforms.

Currently the preview, version 8.13.76.8, supports iOS, Android, Linux, macOS and Windows Desktop.

Government concern

End-to-end encryption has faced continued criticism from law enforcement authorities, who argue it allows criminals and extremists to operate with free rein.

Last week FBI director Christopher Wray repeated the call for a system that would allow for the privacy afforded by encryption while giving authorities access if needed.

Speaking at the International Conference on Cyber Security at Fordham University in New York, Wray said a possible model for such a system is the messaging platform Symphony used by major banks. In response to regulators’ concerns, he said four New York banks agreed to retain copies of all messages they sent or received over the platform for seven years.

“The banks also agreed to store duplicate copies of the decryption keys for their messages with independent custodians who aren’t controlled by the banks,” Wray said. “So the data in Symphony was still secure and encrypted – but also accessible to regulators, so they could do their jobs.”

He didn’t elaborate on how such a model might apply to encrypted communications between individuals.

Cryptography experts have said governments’ calls for access are difficult to reconcile with the nature of end-to-end encryption, which by definition is under the control of those sending and receiving the messages.

Last year the European Parliament’s Committee on Civil Liberties, Justice, and Home Affairs called for end-to-end encryption to be applied to all digital communications as a way of enforcing the “principle of confidentiality”.

What do you know about the history of mobile messaging? Find out with our quiz!