References / Further Reading

• A Formal Security Analysis of the Signal Messaging Protocol https://eprint.iacr.org/2016/1013.pdf

• The Double Ratchet: Security Notions, Proofs, and Modularization for the Signal Protocol https://eprint.iacr.org/2018/1037

• Wire Security Whitepaper https://wire-docs.wire.com/download/Wire+Security+Whitepaper.pdf

• WhatsApp Encryption Overview

  Without irony, WhatsApp does not allow a PDF link that does not contain trackers such as encoded time-stamp. We can provide you a copy at request, if you don’t want them tracking you.

• Apple iOS 11 Security White Paper, January 2018 https://www.apple.com/ca/business-docs/iOS_Security_Guide.pdf

• iMessage Privacy, analysis by QuarksLab https://blog.quarkslab.com/resources/2013-10-17_imessage-privacy/slides/iMessage_privacy.pdf https://blog.quarkslab.com/imessage-privacy.html

• Textsecure Protocol - archived https://web.archive.org/web/20150107094950/https://github.com/WhisperSystems/TextSecure/wiki/Protocol

• W3C Crypto API Current official version (January, 2017): https://www.w3.org/TR/WebCryptoAPI/

  W3C Latest draft: https://w3c.github.io/webcrypto/

• “Mind the Gap” https://eprint.iacr.org/2017/982.pdf

Other items not included in footnotes:

• http://web.archive.org/web/20160305004230/https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/august/javascript-cryptography-considered-harmful/

• ALEA PRNG - original blog posting https://web.archive.org/web/20111105142920/http://baagoe.com/en/RandomMusings/javascript/ Cached copy (with help from GitHub) of his original .js file: https://gist.githubusercontent.com/kirbysayshi/1342599/raw/664e15c7d7b8f28b398fa8ba6134c4378d83147f/alea.js