Wire has state-of-the-art encryption across its servers and messaging between devices. Wire is for organizations that need maximum security in an easy-to-use solution to protect communications across teams, and with clients and partners. Your team can share messages and files and call each other as you would with any other communication tool. Wire is 100% secure, and our customers love the simplicity of the messenger.
Overview of the security measures:
Message Encryption
Messaging refers to exchanging text messages and assets like audio messages and images. All messaging is subject to end-to-end encryption (E2EE) to provide you with a strong degree of privacy and security. End-to-end encryption takes place between two devices. Proteus is the main cryptographic protocol. It is an independent implementation of the Axolotl/Double Ratchet [8] protocol, which is in turn derived from the Off-the-Record protocol, using a different ratchet. Furthermore, Wire uses the concept of prekeys to use the protocol in an asynchronous environment. It is not necessary for two parties to be online at the same time to initiate an encrypted conversation.
Proteus uses the following cryptographic primitives (provided by libsodium):
- ChaCha20 stream cipher
- HMAC-SHA256 as MAC
- Elliptic curve Diffie-Hellman key exchange (Curve25519), with key derivation done using HKDF
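To make the key-derivation side of the paragraph concrete, here is an added example (written for this page, not Proteus or Wire code) of the symmetric part of a Double Ratchet style chain built only from the primitives listed above: HKDF and HMAC-SHA256 from the Python standard library. Each message gets its own cipher key and MAC key, derived from a chain key that is advanced after every message, and both parties derive identical keys independently. The 0x00/0x01 constants follow the generic Double Ratchet KDF_CK description and the HKDF label is invented; whether Proteus uses exactly these values is an assumption. The ChaCha20 encryption step is omitted (no stream cipher ships in the standard library), so the example stops at deriving the keys and computing the encrypt-then-MAC tag over a ciphertext.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with HMAC-SHA256; an empty salt means HashLen zero bytes."""
    return hmac.new(salt or b"\x00" * HASH_LEN, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) || info || i), truncated to length."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand output is limited to 255 * HashLen bytes")
    okm, block = b"", b""
    for counter in range(1, -(-length // HASH_LEN) + 1):
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
    return okm[:length]


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


class SymmetricRatchet:
    """One sending/receiving chain of a Double Ratchet style session (simplified).

    The chain key is advanced with HMAC(chain_key, 0x01) and a separate
    HMAC(chain_key, 0x00) seeds the per-message keys. Assumption: Proteus'
    exact constants and labels are not taken from the page.
    """

    def __init__(self, chain_key: bytes) -> None:
        self.chain_key = chain_key
        self.counter = 0

    def next_message_keys(self):
        seed = hmac.new(self.chain_key, b"\x00", HASH).digest()
        self.chain_key = hmac.new(self.chain_key, b"\x01", HASH).digest()  # ratchet forward
        # HKDF splits the seed into an independent cipher key and MAC key.
        okm = hkdf(seed, b"", b"example-message-keys", 64)  # label is invented
        index, self.counter = self.counter, self.counter + 1
        return index, okm[:32], okm[32:]


def mac_message(mac_key: bytes, index: int, ciphertext: bytes) -> bytes:
    """HMAC-SHA256 tag over the message counter and the ciphertext (encrypt-then-MAC)."""
    return hmac.new(mac_key, index.to_bytes(4, "big") + ciphertext, HASH).digest()


def verify_mac(mac_key: bytes, index: int, ciphertext: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_message(mac_key, index, ciphertext), tag)


def demo():
    # Constructed stand-in for the chain key that X25519 + HKDF would produce.
    shared = hkdf(b"constructed-x25519-shared-secret", b"", b"example-root", 32)
    alice, bob = SymmetricRatchet(shared), SymmetricRatchet(shared)
    sent = [alice.next_message_keys() for _ in range(3)]
    received = [bob.next_message_keys() for _ in range(3)]
    index, _cipher_key, mac_key = sent[0]
    ciphertext = b"constructed ciphertext produced by ChaCha20"
    tag = mac_message(mac_key, index, ciphertext)
    return {
        "keys_agree": sent == received,
        "keys_distinct": len({k[1] for k in sent}) == 3,
        "tag_ok": verify_mac(received[0][2], index, ciphertext, tag),
        "tamper_rejected": not verify_mac(mac_key, index, ciphertext[:-1] + b"!", tag),
    }


if __name__ == "__main__":
    print(demo())
```

Because each message key is derived from the chain key by a one-way function and the chain key is then replaced, a later compromise of the current chain key does not yield the keys of earlier messages; that is the property the ratchet adds on top of plain encrypt-then-MAC.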
Calling Encryption
Call media is exchanged between endpoints in an SRTP-encrypted media session. To initiate the session the SRTP encryption algorithm, keys, and parameters are negotiated through a DTLS handshake. The authenticity of the clients is also verified during the handshake by sending the expected fingerprints over the existing authenticated Proteus session.
Conference calls use existing WebRTC mechanisms to establish peer connections between devices and the Selective Forwarding TURN server (SFT). On those legs, all data is encrypted in the same way as on 1:1 calls. In addition, devices use Insertable Streams [20] to end-to-end encrypt the content of media packets.
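The fingerprint check described for the DTLS handshake, as an added example that is not Wire's code: the DTLS-SRTP peer is accepted only when the SHA-256 fingerprint announced in the SDP `a=fingerprint` attribute, the certificate the peer actually presents in the handshake, and the fingerprint received over the already authenticated Proteus session all agree. The certificate bytes and the SDP answer are constructed for the example, and the minimal SDP layout is an assumption; only standard-library modules are used.

```python
import hashlib
import hmac
import re

# Constructed stand-in for a DER-encoded DTLS certificate (not a real certificate).
SAMPLE_CERT_DER = bytes(range(0x30, 0x30 + 64))

# a=fingerprint:<hash-func> <colon separated hex>, one per line (RFC 8122 syntax).
FINGERPRINT_LINE = re.compile(
    r"^a=fingerprint:(?P<alg>[A-Za-z0-9-]+)[ \t]+"
    r"(?P<hex>(?:[0-9A-Fa-f]{2}:)+[0-9A-Fa-f]{2})[ \t\r]*$",
    re.MULTILINE,
)


def certificate_fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint in the colon-separated upper-case hex form used in SDP."""
    return ":".join(f"{b:02X}" for b in hashlib.sha256(der_cert).digest())


def sdp_fingerprints(sdp: str):
    """All (hash-func, fingerprint) pairs advertised in an SDP blob, normalised."""
    return [(m.group("alg").lower(), m.group("hex").upper())
            for m in FINGERPRINT_LINE.finditer(sdp)]


def build_sdp_answer(fingerprint: str) -> str:
    # Constructed minimal SDP answer; only the fingerprint attribute matters here.
    return "\r\n".join([
        "v=0", "o=- 1 1 IN IP4 0.0.0.0", "s=-", "t=0 0",
        "m=audio 9 UDP/TLS/RTP/SAVPF 111", "a=setup:active",
        f"a=fingerprint:sha-256 {fingerprint}", "",
    ])


def accept_dtls_peer(expected_fingerprint: str, sdp: str, presented_cert_der: bytes) -> bool:
    """Three-way agreement check, all comparisons constant-time.

    expected_fingerprint: value received over the authenticated Proteus session.
    sdp: the remote description carrying the advertised fingerprint.
    presented_cert_der: certificate seen in the DTLS handshake itself.
    """
    advertised = [hexs for alg, hexs in sdp_fingerprints(sdp) if alg == "sha-256"]
    if len(advertised) != 1:
        return False  # missing, duplicated or non-SHA-256 fingerprint: do not guess
    expected = expected_fingerprint.upper()
    presented = certificate_fingerprint(presented_cert_der)
    return (hmac.compare_digest(advertised[0], expected)
            and hmac.compare_digest(presented, expected))


if __name__ == "__main__":
    fp = certificate_fingerprint(SAMPLE_CERT_DER)
    print("genuine peer accepted:", accept_dtls_peer(fp, build_sdp_answer(fp), SAMPLE_CERT_DER))
    swapped = SAMPLE_CERT_DER + b"\x00"
    print("substituted certificate rejected:", not accept_dtls_peer(fp, build_sdp_answer(fp), swapped))
```

The value of routing the expected fingerprint over the Proteus session is that the SDP alone travels through signalling infrastructure the devices do not control; binding the handshake certificate to a fingerprint that only the authenticated peer could have sent is what rules out a substituted certificate on the media path.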
Transport Encryption
Clients interact with backend servers over HTTPS connections supporting only TLSv1.2. Only cipher suites that support forward secrecy (PFS) are used. The server indicates the order preference of cipher suites and communicates HTTP Strict Transport Security (HSTS) to all clients.
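As an added illustration (not Wire's server configuration), the following Python `ssl` context applies the policy just described, TLSv1.2 only, forward-secret cipher suites only, server-side cipher ordering, together with an audit function that flags a context violating any of those points and a helper that produces the HSTS header. The cipher string and the HSTS max-age are assumptions chosen for the example; `forward_secret` classifies suites by their OpenSSL names.

```python
from __future__ import annotations

import ssl


def forward_secret(cipher_name: str, protocol: str = "TLSv1.2") -> bool:
    """Ephemeral (EC)DH key exchange is what gives forward secrecy: OpenSSL names
    such suites ECDHE-*/DHE-*; every TLS 1.3 suite is ephemeral by construction."""
    if protocol == "TLSv1.3":
        return True
    return cipher_name.startswith(("ECDHE-", "DHE-"))


def make_server_context(certfile: str | None = None, keyfile: str | None = None) -> ssl.SSLContext:
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # nothing older than 1.2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2   # TLSv1.2 only, as the page states
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE # the server's order wins
    # Assumed cipher policy: ephemeral ECDH/DH with AEAD suites, nothing anonymous or legacy.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL:!MD5:!RC4")
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return a list of policy violations; an empty list means the context complies."""
    problems = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append(f"minimum version too low: {ctx.minimum_version.name}")
    if not ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE:
        problems.append("client cipher preference is honoured instead of the server's")
    for cipher in ctx.get_ciphers():
        if not forward_secret(cipher["name"], cipher.get("protocol", "")):
            problems.append(f"non-PFS suite enabled: {cipher['name']}")
    return problems


def describe_context(ctx: ssl.SSLContext) -> dict:
    return {
        "min": ctx.minimum_version.name,
        "max": ctx.maximum_version.name,
        "server_preference": bool(ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE),
        "suites": [c["name"] for c in ctx.get_ciphers()],
    }


def hsts_header(max_age: int = 31536000, include_subdomains: bool = True) -> tuple:
    """(name, value) pair for Strict-Transport-Security; one year is the assumed lifetime."""
    value = f"max-age={max_age}"
    if include_subdomains:
        value += "; includeSubDomains"
    return ("Strict-Transport-Security", value)


if __name__ == "__main__":
    hardened = make_server_context()
    print("hardened:", describe_context(hardened), audit_context(hardened))
    # Weak context for contrast: default versions and every non-anonymous suite.
    weak = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    weak.set_ciphers("ALL:!aNULL")
    print("weak:", audit_context(weak))
    print(hsts_header())
```

Running the script shows the hardened context passing the audit while the weak one is flagged for any RSA-key-exchange suites the local OpenSSL still offers and for leaving cipher ordering to the client.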
Local Data Protection
Wire apps store the content of conversations such as text messages, images, and other assets locally on the device. Depending on the platform, different protection mechanisms exist:
- iOS: Local data is stored using Core Data and in files (both protected with NSFileProtectionCompleteUntilFirstUserAuthentication). Conversation content, cryptographic key material and other sensitive data are not synced with iCloud or iTunes backups. Local data can only be accessed from the Wire app; it is inaccessible to other apps thanks to iOS sandboxing.
- Android: Local data is stored using SQLite and in files. Conversation content, cryptographic key material and other sensitive data are not synced with the Android Backup Service. The local data can only be accessed from the Wire app; it is inaccessible to other apps thanks to Android permissions. The app sometimes keeps cached data (for example downloaded images) on the external storage (SD card). Those files are encrypted using AES128; each file uses a different random key, which is stored in the app's private database.
- Desktop: Local data is stored using IndexedDB. The data is stored in the user's folder. It is strongly recommended to use full-disk encryption such as FileVault on macOS or BitLocker on Windows.