Carnegie Mellon University
October 07, 2013

Press Release: Carnegie Mellon Researchers To Unveil New Smartphone App For Secure Messaging To Protect Against Interception and Impersonations

CyLab Scientists Provide Confidence for Communication in an Uncertain World

Contact: Chriss Swaney / 412-268-5776 / swaney@andrew.cmu.edu

Safeslinger AppPITTSBURGH—Carnegie Mellon University CyLab researchers have developed a free smartphone app for iOS and Android users to safely exchange identity data without risk of theft, deception and fraud.

The new app, which provides users with an easy way to securely exchange messages for free without the need to trust any external party, was recently featured at the prestigious annual ACM Conference for Mobile Computing and Networking (MobiCom) in Miami.

"SafeSlinger provides you with the confidence that the person you are communicating with is actually the person they have represented themselves to be," said Michael W. Farb, a research programmer at Carnegie Mellon CyLab. "The most important feature is that SafeSlinger provides secure messaging and file transfer without trusting the phone company or any device other than my own smartphone."

As more and more consumers access the Internet from an ever-expanding pool of mobile devices, including cellphones and tablets, threats such as eavesdropping and impersonation continue to become more frequent and increasingly sophisticated. Spammers use impersonation to seduce a victim into trusting a message, and widespread eavesdropping and information disclosure is a risk especially when hackers can capture stored information.

"With SafeSlinger users can gain control over their exchanged information through end-to-end encryption, preventing intermediate servers or service providers from reading their messages or other personal information that is exchanged," said Adrian Perrig, a professor at ETH (Eidgendssische Technische Hochschule) in Zurich, Switzerland, and former technical director of CMU CyLab.

Yue-Hsun Lin, a CMU CyLab researcher and part of the SafeSlinger team, said many mobile messenger apps still use unencrypted and even unauthorized messages for their communication. Adversaries can easily wiretap or hijack any communication between those insecure apps. "SafeSlinger protects message secrecy and authenticity against network threats through modern cryptography, but still keeps a simple user experience like today's messenger apps," Lin said.

CMU CyLab researchers report that SafeSlinger's user-centric security design includes an advanced protocol, which incorporates elements of several cryptographic schemes and factors in the prevention of numerous types of attacks.

"The details of the cryptographic schemes are complicated, however our user-centric design does not require user awareness, and with minimal user interaction the benefits of SafeSlinger are amplified when several users wish to set up a secure communication channel," said Tiffany Hyun-Jin Kim, a CyLab systems scientist who is a member of the SafeSlinger team. "Moreover, SafeSlinger's easy-to-use interface brings cryptography and secure communication to non-expert users, but also achieving military-grade security against hackers," Kim said.

For more information about SafeSlinger, see www.cylab.cmu.edu/safeslinger
 
###

SafeSlinger, a free smartphone app for iOS and Android users, provides an easy way to securely exchange messages for free without the need to trust any external party.