Mesh Messaging in Large-Scale Protests: Breaking Bridgefy

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12704))

Abstract

Mesh messaging applications allow users in relative proximity to communicate without the Internet. The most viable offering in this space, Bridgefy, has recently seen increased uptake in areas experiencing large-scale protests (Hong Kong, India, Iran, US, Zimbabwe, Belarus), suggesting its use in these protests. It is also being promoted as a communication tool for use in such situations by its developers and others. In this work, we report on a security analysis of Bridgefy. Our results show that Bridgefy, as analysed, permitted its users to be tracked, offered no authenticity, no effective confidentiality protections and lacked resilience against adversarially crafted messages. We verified these vulnerabilities by demonstrating a series of practical attacks on Bridgefy. Thus, if protesters relied on Bridgefy, an adversary could produce social graphs about them, read their messages, impersonate anyone to anyone and shut down the entire network with a single maliciously crafted message.

Notes

  1. As we discuss in Sect. 2.4, alternatives to Bridgefy are scarce, making it the predominant example of such an application/framework.

  2. Available at https://eprint.iacr.org/2021/214.

  3. This is facilitated by the dump flag in ForwardTransaction, but we omit this exchange in the figure as it is not relevant to the actual handshake protocol.

  4. We had omitted details of the Bridgefy architecture, as the attacks had not been mitigated at that point in time.

Acknowledgements

Part of this work was done while Albrecht was visiting the Simons Institute for the Theory of Computing. The research of Mareková was supported by the EPSRC and the UK Government as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London (EP/P009301/1). We thank Kenny Paterson and Eamonn Postlethwaite for comments on an earlier version of this paper.

Corresponding author

Correspondence to Lenka Mareková.

Copyright information

© 2021 Springer Nature Switzerland AG

Cite this paper

Albrecht, M.R., Blasco, J., Jensen, R.B., Mareková, L. (2021). Mesh Messaging in Large-Scale Protests: Breaking Bridgefy. In: Paterson, K.G. (ed.) Topics in Cryptology – CT-RSA 2021. Lecture Notes in Computer Science, vol. 12704. Springer, Cham. https://doi.org/10.1007/978-3-030-75539-3_16

  • DOI: https://doi.org/10.1007/978-3-030-75539-3_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-75538-6

  • Online ISBN: 978-3-030-75539-3
