Mimesis Aegis, An Invisible Android Shield That Encrypts Communication
A team at the Georgia Institute of Technology has been developing a new app called Mimesis Aegis––roughly “imitation shield” in Latin––that provides end-to-end encryption for Android communication apps. It is, essentially, yet another stepping stone in the post-Snowden world of individual communication security.
M-Aegis is a smartphone application that functions as a kind of transparent window. Through this window a user interacts with a given app almost completely as normal, but through some shielding. M-Aegis mimics whatever app it is protecting, so if it were used with Facebook, Facebook would still look like Facebook, but it would be a proxy. As the user entered information into this proxy, the data would be encrypted and then sent to the original app and on through the airwaves. Information being received would also be decrypted through the same, reverse method. Both ends would be sending and receiving encrypted messages through the proxy-shield of M-Aegis, hovering silently above the smartphone. The drawback that this creates is that both ends need to be using M-Aegis in order for it to work. Since there have been no mentions of an IOS adaption (Apple has stricter rules about how app interface can be altered), that means no communication between Andriods and iPhones.
The idea behind M-Aegis is to allow smartphone users to not have to download new apps (like Bleep, for example) to send and receive messages securely. Instead they would only need one piece of protective armor, M-Aegis, that would allow the continued use of multiple less-secure apps all covered under one invisible, encrypting blanket. There would, of course, be a latency involved with constant encryption and decryption, but the GT team tested M-Aegis with real emails and found that, for the longest of them, it took less than a tenth of a second to decrypt and one fifth of a second to encrypt on a LG Nexus 4.
M-Aegis is currently in its prototype phase and only works for email or chat-apps like Facebook and Gmail. The hope of the developers is to extend the applicability of M-Aegis to other functions of a smartphone, such as picture-taking and audio playback. M-Aegis arose not as a start-up or moneymaker, but as purely academic research, so it’s not available for download yet. The Georgia Tech team will be presenting their research at the Usenix conference in San Diego, California this week, and there are plans to release the software in some form in the coming fall.
I’ve speculated before about the rise of secure communications, and made the all-to-easy-to-make prediction that apps and technologies to accommodate will be emerging more and more steadily. Mimesis Aegis falls very neatly under that umbrella. Keeping user information private is just becoming more and more important in the tech world. In the words of the project manager, Wenke Lee (a GT professor), “We don’t believe that these services actually need to look at users’ communications. They’re just transporting messages from A to B, and if the user elects, they should be able to make those messages truly private. That’s the approach whose potential we’re trying to demonstrate.”
What I like about M-Aegis is that it involves a different approach to the new demand for increased security: taking what we already have and adapting it. Inventing new communication apps is all good and well, but people––myself included––like to use what we already have. Of course, security is vitally important, but I’m probably not going to give up the apps/technologies that I already use. M-Aegis allows those like me, which I have a feeling are a majority, to take what’s already good, and make it better.
Since Mimesis Aegis is still a work in progress, we’ll be keeping our eyes open for further development.
[Wired]