A look into the Mobile Messaging Black Box: A gentle introduction to mobile messaging and subsequent analysis of the Threema protocol.

Presented at 33C3 (2016), Dec. 28, 2016, 11:30 a.m. (60 minutes)

Most of us use mobile messaging every day. We use certain apps that we chose for a number of factors, like our friends using it, good press, privacy promises, or simply their feature sets. This talk aims to enable more of us to reason about the privacy and security of messaging apps. We will try to present simple analogies translating abstract security and privacy expectations into concrete feature sets. We will illustrate these features using the the popular messaging app Threema. Our analysis of its protocol is based on our own reverse-engineering efforts and a re-implementation of the Threema protocol that we will release during the talk.

Despite its ubiquitous application and widespread acceptance, mobile instant messaging remains a complex matter and is often not understood by its users. Easy-to-use apps and security assurances by their developers suggest users a safe and private environment for conversation. At the same time, more and more apps flood the market and it is becoming increasingly difficult, even for technically-educated users, to keep track of both technological development and their own security and privacy requirements. We want to present a talk that sheds some light into technical aspects of mobile instant messaging and presents an overview of techniques and design decisions by different mobile instant messaging app developers. We aim at both technically-educated and casual users alike, trying to present simple analogies and break down complex details into understandable components. After an introduction to the mobile instant messaging world, we will dissect one of the most popular mobile instant messaging apps in Germany: Threema. It is closed-source and only superficially documented, yet widely used. We picked it for a particular design decision in its protocol, the lack of which we consider the most important flaw in competitor protocols like Signal: the use of discardable IDs in favor of phone numbers. Another interesting aspect about Threema’s protocol is its use of the NaCl library for end-to-end encryption. We have fully reverse-engineered the Threema app and can therefore analyze and present its protocol and our analysis of it in detail.


  • Frieder Steinmetz
    Student of Computer Science and Engineering with a strong interest in InfoSec.
  • Roland Schilling
    Roland Schilling holds a Dipl.-Ing. degree in Computer Science and Engineering from Hamburg University of Technology (TUHH) and has been working as a Ph.D. Student and Research Assistant in the institute of Security in Distributed Applications at TUHH for almost five years with a research focus on mobile communication security. During this time he has been teaching classes in software- and application security, as well as introductory security lectures.


Similar Presentations: