Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Encryption in the Ukrainian War

Encryption in the Ukrainian War

Encrypted data communications are at the forefront of a war in which Russia is establishing itself as the second most powerful military in Ukraine. The lack of encrypted communications already led to the death of one Russian general and many incidents of intercepted communication.

Although most military communications are designed to be encrypted, investigative reporter Christo Grozev from Bellingcat explains the role of the Era phone and that the infrastructure required to run it was destroyed:

The idiots tried to use the Era cryptophones in Kharkiv, after destroying many 3g cell towers and also replacing others with stingrays. Era needs 3g/4g to communicate. The Russian army is equipped with secure phones that can't work in areas where the Russian army operates.

Many citizens in Ukraine are leveraging full end-to-end encrypted communication systems, with Signal as the most popular. Cloudflare published statistics for Ukraine and Russia indicating that Signal has surpassed Telegram for the first time. Although both applications prominently define themselves as encrypted messengers, the role that encryption plays is different:

  • In an encrypted messenger like Telegram, data is encrypted but the service owner has the encryption key and can read messages.
  • In an end-to-end encrypted messenger like Signal, private encryption keys are held with the device owner. The service owner cannot read messages.

Signal founder Moxie Marlinspike published a warning to Ukranian internet users that Telegram does not use end-to-end encryption. A main aspect of Marlinspike’s objection is the way that leverage can be applied against an encrypted service – because it is possible for the service to read messages, the right leverage can eventually yield a result. During a tweet exchange with Elon Musk, Marlinspike provided additional technical information and details of how Signal responds to government demands. The primary difference between these encrypted messengers is key management and the role that whoever has the key has the data.

Anastasiia Voitova, head of customer solutions at Cossack Labs, explains the difference of end-to-end encrypted messengers. Cossack Labs provides open source encryption technologies, with research based in London and Kyiv, Ukraine.

Cossack Labs provides several encryption tools deployed across the world that protect data in motion as well as data at rest. When used in applications, each component acts as a data safeguard. The open source Themis library provides a suite of tools that make encrypted communication easier for developers. Instead of making many cryptographic decisions and different APIs, Themis simplifies the decisions about which algorithms to use and how, spread across fourteen different platforms - this interoperability enables teams to coordinate between software skillsets like React, Java, web/JS, Go, Kotlin, Swift, and others.

Cossack Labs also offers Acra, a library for managing data at rest. Designed for distributed applications, Acra provides a way to encrypt/decrypt sensitive data on a client yet still store the data on a centralized system. Using Acra, developers can perform transparent encryption, knowing only as much about the encryption technology as they want to know at a single time. While many cryptographic APIs offer the burden of choice, Acra provides a series of pre-made decisions that result in the correct, properly-secure outcome.

Those looking to assist Ukraine can use the Official NBU Special Account to Raise Funds for Ukraine’s Armed Forces or Official NBU Fundraising Account for Humanitarian Assistance to Ukrainians Affected by Russia’s Aggression.

About the Author

Rate this Article