Mayank Varia on security and privacy of end-to-end messaging

Can WhatsApp Messages Be Secure and Encrypted—but Traceable at the Same Time?

Professor Mayank Varia’s work looks to balance privacy and human rights with online trust and safety.

BU’s The Brink recently featured this impactful research in an article.

Cryptographers love an enigma, a problem to solve—and this one has it all. Indestructible codes, secret notes, encryption and decryption.

Here’s the puzzle: Someone wants to send a secure message online. It has to be so private, so secret, that they can deny they ever sent it. If someone leaks the message, it can never be traced back to the sender. It’s all very Mission: Impossible. But there’s a kicker: if that message peddles abuse or misinformation, maybe threatens violence, then anonymity may need to go out the window—the sender needs to be held to account.

And that’s the challenge: is there a way to allow people to send confidential, secure, untraceable messages, but still track any menacing ones?

Mayank Varia might have cracked the conundrum. A cryptographer and computer scientist, Varia is an expert on the societal impact of algorithms and programs, developing systems that balance privacy and security with transparency and social justice. Working with a team of Boston University computer scientists, he’s designed a program called Hecate—fittingly named after the ancient Greek goddess of magic and spells—that can be bolted onto a secure messaging app to beef up its confidentiality, while also allowing moderators to crack down on abuse. The team is presenting its findings at the 31st USENIX Security Symposium.

Read the full article here. The article is authored by Andrew Thurston with photos by Jackie Ricciardi.