CyanogenMod SMS integrates Open WhisperSystems’ TextSecure For Secure Text Messages


CyanognenMod clocks 20,000 installs a day and currently includes a user-base of 10 million. Over the past few months, the CyanogenMod team partnered with Open WhisperSystems to create a transparent way for end-to-end text message encryption. The firmware’s SMS/MMS provider will now operate of TextSecure protocol sending encrypted SMS’s as push messages to the receiving device. This will be decrypted on the receiving device and delivered as a normal incoming SMS.
School boys whispering secrets in classroom
Users don’t have to initiate a key exchange or to know whether the recipient is online. “Everything works just like the normal asynchronous SMS experience, even if the recipient doesn’t have their device on.” – Moxie Marlinspike on the Open WhisperSystems blog.

Any SMS app can be used to send encrypted text messages on devices running CyanogenMod firmware. Users have the option of verifying identity keys and they can receive notifications if these keys change. “We will also be adding some minimal visual feedback to the stock CyanogenMod Messaging app to indicate when the user has an expectation of privacy and when they don’t, but the base experience won’t change at all.” – Moxie Marlinspike.

TextSecure Protocol Features:

  • TextSecure V2
  • Axolotl forward secrecy ratchet
  • 3DHE agreement for OTR deniable messages
  • Cryptographic primitives: Curve25519, AES-256, HmacSHA256
  • Transport protocol: TextSecure Push API

Pervasive surveillance is now a real threat to modern communications. Large companies and governments continue to violate internet user privacy by monitoring and collecting as much information on them as possible. The partnership by CyanogenMod and Open WhisperSystems to protect user from this large-scale surveillance is a positive step in modern communication.