Review of End-to-End Encryption for Social Media

Abstract

People have valid concerns about their privacy and the use of their personal information by corporations. People do not necessarily trust social media companies to protect their right to privacy. Social media companies are under pressure to provide greater levels of security and privacy to their users. The current gold standard of security protocols for messaging system is the Signal Protocol. The Signal protocol is an open-source end-to-end encryption model. It uses AES-256, HMAC-SHA256 and Curve25519 as its cryptographic primitives. This protocol is currently considered cryptographically sound and provides excellent information security. However, many social media companies are still using less secure protocols often underpinned by less secure primitives. This paper discusses in detail the various cryptographic primitives used in social media apps like WhatsApp, Twitter, Facebook, Snapchat and Instagram.