Prime Minister Élisabeth Borne recently made a bold decision to strengthen the security of government communications. She ordered the installation of the secure messaging app Olvid on the devices of all government members. This decision was made to manage sensitive information more securely and to protect data.
Olvid, a French instant messaging application, was chosen because of its reputation for being extremely secure. Designed in 2019 by Thomas Baignères and Matthieu Finiasz, two French cybersecurity experts, Olvid received a “First-Level Security Certification” from the French National Agency for the Security of Information Systems (ANSSI) in 2020.
Since December 8, 2023, ministers, secretaries of state, directors, and cabinet members are no longer allowed to use traditional messaging applications such as WhatsApp, Telegram, or Signal on their mobile phones or computers. Instead, they are required to use Olvid. This initiative marks an important step in the handling of sensitive information and data protection within the government.
But in your company, what should you use?
End-to-End Encryption: Complete Protection
End-to-end encryption is a security mechanism that ensures only the sender and the recipient of a message can read it, by encrypting the data so that it can only be decrypted by the intended recipient. Unlike traditional encryption systems where data may be decrypted at various points along its path, end-to-end encryption ensures that even messaging service providers cannot access message content.
Examples of Encrypted Messaging Applications
Signal
Signal is widely recognized as one of the most secure messaging applications available. It uses end-to-end encryption for all messages, voice calls, and video calls, ensuring complete confidentiality of communications. Even metadata is minimized to reduce exploitable information.
WhatsApp
WhatsApp, owned by Facebook, also offers end-to-end encryption for all communications. However, it is worth noting that certain features, such as cloud chat backups, may not be end-to-end encrypted, which can create a potential vulnerability.
Telegram
Telegram offers a variety of security features, including secret chats that use end-to-end encryption. However, it is important to note that not all Telegram chats are automatically end-to-end encrypted, requiring the use of secret chats for maximum security.
Olvid: The French, Sovereign and Secure Player
Olvid is an instant messaging application that claims to be the most secure in the world. It was created in 2019 and received a “First-Level Security Certification” from the French National Agency for the Security of Information Systems (ANSSI) in September 2020.
Olvid’s security is based on three key principles:
User authentication
Olvid guarantees user authentication, meaning you can be certain of the identity of the person you are communicating with.
End-to-end encryption
Olvid uses end-to-end encryption algorithms to protect user data. This means that only users involved in a conversation can read the exchanged messages.
No centralized user directory
Unlike many other messaging applications, Olvid does not store user information on servers. This removes a potential point of vulnerability and strengthens the confidentiality of conversation metadata.
In terms of operating mechanisms, Olvid uses a series of cryptographic protocols to ensure security. For example, it uses the AES-256 algorithm in CTR mode for encryption. In addition, Olvid relies on cryptographic keys—including symmetric keys, public keys, and private keys—to secure communications. It also uses Edwards curves for signature key generation and authentication.
It is important to note that Olvid’s security relies not only on the cryptographic protocols implemented in its cryptographic engine, but also on the real connection/relationship and trust between users. It assumes no trusted third party.
Between Convenience and Security, What Should You Choose?
The choice between convenience and security depends on each user’s individual preferences. Some may prioritize ease of use and feature accessibility, while others may opt for stronger protection of their personal data. Ideally, messaging applications should offer a balance between these two aspects, providing practical features while ensuring maximum communication security.
In a business environment, it is important to assess the criticality of the exchanges you have with colleagues. If this is difficult to evaluate, it is important to turn to experts such as Phishia, who can support you in choosing secure messaging applications that are, above all, adapted to your needs.
