Important update 18 January 2016: Peerio is not secure. Founder leaves and says it will be backdoored. Beware!
Peerio has responded to this update, saying that,
“Your update about a backdoor in Peerio is misleading and the result of the social media grapevine. Please review Peerio’s response: http://blog.peerio.com/post/137688606324/you-can-trust-peerio-thats-a-fact
Short story. No cryptographic backdoor. No plans for a backdoor — that is, an intentional fault or weakness in cryptography. The company is discussing a “trusted contacts” model of multi-party authentication that will be entirely optional for both individuals and businesses interested in account recovery. The idea is that account recovery could be enabled by voluntarily sharing fragmented pieces of your secret key with three or more contacts. No individual contact can access your account, but in the event of an emergency, you could call on these contacts to help recover your account.
The discussion is at this point entirely hypothetical, and more research is required.”
We should note that
End-to-end encryption of communications is all the rage these days (and about time too!), but despite many grandiose claims, few products deliver a genuinely secure way to communicate. The issue has been given added urgency by the UK Prime Minister's promise to ban end-to-end encrypted messaging (for which he is seeking US cooperation).
Enter Peerio, a free and open source (FOSS) end-to-end messaging app from 24-year-old crypto whiz-kid Nadim Kobeissi (privacy activist and developer of the open source webchat client Cryptocat, plus the well regarded miniLock file encryption and sharing Chrome app). Unfortunately, Cryptocat turned out to be seriously flawed, a disastrous mistake that Kobeissi says he is determined not to repeat.
Peerio in fact bills itself as more than just an encrypted messaging app – describing itself as an ‘encrypted productivity suite’, Peerio goes some way towards replacing traditional webmail services such as Gmail, while also including Google Drive style features. Kobeissi told Wired that,
‘With Peerio everything you share or communicate with your team is secured with state-of-the-art encryption, and it’s as easy as using Gmail. You don’t need to learn to use it. Peerio brings crypto to where the people are.’
Peerio's headline features are:
- End-to-end encrypted Instant Messaging (IM)
- Drag & Drop file transfer and storage: 400MB per-file limit, 1GB storage total (Kobeissi says this will climb in future updates)
- Real-time delivery notifications
- Remote file destruction
- Open source
Peerio aims to avoid the complexity of PGP (the only tried and tested way to send secure end-to-end emails), while being equally secure,
‘We wanted to take every possible use case of PGP and put it in a single app and make it better.’
It does this by removing the complexity of PGP's key management, where a user generates a keypair: a 'public key' that other people use to encrypt mail to them, and a 'private key' that must be kept secret and is used to decrypt that mail. If the private key is ever compromised, then all mail encrypted to its matching public key is compromised along with it.
Peerio's solution is instead to derive the private key from the user's passphrase every time they sign into the app (the same passphrase always produces the same key) and to discard it whenever they quit the app, so the key exists only in memory while the app is running. This has the advantage that users do not need to worry about storing and protecting a private key file, and can access their messages and files from any computer, since the key can be regenerated from the passphrase wherever they are.
The disadvantage is that security therefore rests entirely on one passphrase: anyone who learns or guesses it can derive exactly the same key. Peerio balances this by requiring that all passphrases be at least 30 characters long, or consist of many randomly chosen numbers and characters.
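To make the passphrase-derived key model concrete, here is an added example (written for this review, not Peerio's or miniLock's own code) of how a Curve25519 keypair can be derived deterministically from a passphrase and account email, so that it can be regenerated at every sign-in and never needs to be stored. The scrypt parameters, the use of the email address as the salt, the sample account and the candidate passphrases are all assumptions made for illustration; the X25519 scalar multiplication follows RFC 7748 directly. The `offline_guess` function shows the flip side the paragraph above warns about: anyone who knows the email and the public key can run the same derivation against guessed passphrases, which is why a long passphrase matters.

```python
import hashlib

P = 2**255 - 19          # field prime for Curve25519
A24 = 121665             # (A - 2) / 4 for Montgomery curve constant A = 486662
BASE_POINT_U = 9         # u-coordinate of the standard base point


def _cswap(swap, a, b):
    """Conditional swap in the RFC 7748 style (arithmetic, no data-dependent branch)."""
    dummy = (-swap) & (a ^ b)
    return a ^ dummy, b ^ dummy


def _decode_scalar(k):
    """Little-endian decode plus the Curve25519 clamping of a 32-byte private scalar."""
    b = bytearray(k)
    b[0] &= 248
    b[31] &= 127
    b[31] |= 64
    return int.from_bytes(b, "little")


def _decode_u(u):
    """Little-endian decode of a 32-byte u-coordinate, ignoring the top bit as RFC 7748 requires."""
    b = bytearray(u)
    b[31] &= 127
    return int.from_bytes(b, "little")


def x25519(scalar, u_point):
    """X25519 scalar multiplication (RFC 7748 Montgomery ladder); 32-byte inputs and output."""
    k = _decode_scalar(scalar)
    x1 = _decode_u(u_point)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = _cswap(swap, x2, x3)
        z2, z3 = _cswap(swap, z2, z3)
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * ((da - cb) ** 2) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    x2, x3 = _cswap(swap, x2, x3)
    z2, z3 = _cswap(swap, z2, z3)
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def public_key(secret_key):
    """Public key = X25519(secret scalar, base point)."""
    return x25519(secret_key, BASE_POINT_U.to_bytes(32, "little"))


def derive_secret_key(passphrase, email):
    """Deterministically stretch passphrase + email into a 32-byte private scalar.

    scrypt with N=2^14, r=8, p=1 and the lower-cased email as salt is an illustrative
    choice for this example, not Peerio's actual parameters. The same inputs always
    give the same scalar, which is what lets the key be regenerated at each sign-in.
    """
    return hashlib.scrypt(passphrase.encode("utf-8"), salt=email.lower().encode("utf-8"),
                          n=2**14, r=8, p=1, dklen=32)


def login(passphrase, email):
    """Simulate a sign-in: derive the keypair in memory; nothing is written to disk."""
    sk = derive_secret_key(passphrase, email)
    return sk, public_key(sk)


def offline_guess(email, target_public_key, candidates):
    """What an attacker who knows the email and public key can do: try passphrases offline.

    Returns the matching candidate, or None if no candidate reproduces the public key.
    """
    for candidate in candidates:
        if public_key(derive_secret_key(candidate, email)) == target_public_key:
            return candidate
    return None


if __name__ == "__main__":
    email = "alice@example.com"                              # constructed sample account
    passphrase = "ten tired turtles tiptoe toward the tide"  # constructed sample passphrase
    sk_first, pk_first = login(passphrase, email)
    sk_second, pk_second = login(passphrase, email)
    print("public key:", pk_first.hex())
    print("same key on second sign-in:", pk_first == pk_second)
    print("short guess list hits:", offline_guess(email, pk_first, ["password", "letmein"]))
```

Running the block shows that two sign-ins with the same passphrase and email produce identical keys, which is exactly the property Peerio relies on; it also shows that the attacker's derivation is the same computation as the legitimate one, so only the passphrase's unguessability (and the cost of the KDF) stands between an attacker and the private key.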
The system is based on Kobeissi’s miniLock technology, and like miniLock it uses Curve25519 elliptic curve cryptography. Given Kobeissi’s Cryptocat fiasco, users should be careful about trusting untried software, although miniLock (on which Peerio is based) now has more than 10,000 users since its release last July. Further details about the crypto used can be found on Peerio’s GitHub page.
Peerio has also been given a third party penetration test and a full audit by security firm Cure53, which found only a few non-cryptographic bugs that have now been fixed. Mario Heiderich, who led the auditing team, noted that,
‘The good thing that I’ve found about Nadim is that he’s taken criticism and made something out of it. There’s a major leap from Cryptocat to what is now Peerio. We had a positive impression about the whole thing.’
Although Peerio is open source and all features are currently free, plans are afoot to offer a paid-for premium service, offering additional features such as increased file storage limits.
Peerio is currently available for Chrome, Windows and Mac OS X, with apps for Linux, Android and iOS on the way. We tested the Windows version.
Setting up Peerio
1. Provide some basic information (there is nothing preventing the use of an alias and a disposable email address).
2. Enter a long passphrase. We used letters and a few numbers, and this was accepted at 26 characters long.
3. An email with an account confirmation code will be sent to you.
You do not need to enter your long passphrase every time you sign in on a device you have already signed in on. You can instead use a shorter password (called a PIN) of your own choosing.
And that’s it! Setting up is by far the most complicated part of using Peerio, and need be done only once per account.
Peerio in use
We found Peerio to be an attractive and elegantly easy-to-use program.
Sending and receiving messages is very simple. By default, Peerio will notify you by email when a new message is received. Note that messages can only be sent to and received by other Peerio users.
Files (currently limited to 400MB each) can be uploaded and stored encrypted on Peerio's servers (1GB total storage). Files can be sorted by type.
Files can be attached to messages, and are decrypted and downloaded to the desktop transparently.
You can destroy your files, which also remotely destroys them in the accounts of anyone you sent them to. This is a neat feature, but if a recipient has already downloaded the files to their desktop then those copies will not be destroyed.
New contacts must be approved. If you add a contact who does not have a Peerio account, you can elect to send them a Peerio invitation.
Although it should be borne in mind that this is a beta service whose encryption should therefore not be completely trusted yet, Peerio looks very promising.
The software is very user-friendly (much more so than PGP!), and the half-year of real-world testing that the underlying cryptography has had in the miniLock Chrome extension, plus the full independent audit by Cure53, gives us a high degree of confidence in the product, as of course does the fact that it is open source.
We like it!
Peerio can be downloaded for free from the Peerio website.