Utrecht doctors perform test using encrypted chat app

Apr

19

2016

Doctors from the province of Utrecht conduct a test using the chat app siilo, which they can share encrypted messages and files. The exchange of information physicians need to be able to deliver better medical judgment and avoid unnecessary referrals.

GP David Schaap explains the objective in an interview with the Telegraph. “It’s like looking at two hundred doctors at the same time in the doctor’s office for a patient.” It turned out that doctors often shared patient data via WhatsApp until the Authority Personal ruled that it is not a secure channel. How is this judgment fails now the service end-to-end encryption for all of its users implemented remains to be seen.

According to the makers of the Dutch siilo app is end-to-end encryption is not enough. CEO Joost Bruggeman explained in the Morning radio program that the app supports more features. For example, there is the possibility of anonymizing pictures and data is automatically deleted after thirty days. Also, a recent blog post that is not enough for a medical app encryption when sending messages. Thus, data should also be on the device itself are protected against unauthorized access.

WhatsApp would fail in that respect, because files and messages on the phone itself is not encrypted. The unencrypted-backup feature is mentioned, along with the fact that photos are automatically added to the photo library. As a result, the possibility exists that this be viewed by a third party.

Siilo claims by limiting access by third parties to secure messages and files with a PIN or fingerprint. Also, it should be possible to clear up to remote telephone information and all data from the siilo servers removed as soon as the message that the file has been successfully delivered to the recipient.

Encryption siilo make use of the open source encryption library NaCl, which was designed by Daniel Bernstein. This is also used for example by the crypto-chat app Threema and provides end-to-end encryption. The connection between the device and the server is secured by TLS. In addition, the axolotl ratchet is used, which is also part of the Signal protocol in WhatsApp.

The implementation of this encryption is unverifiable, because the source code of siilo is not publicly available. The company, however, indicates that an audit of the code is scheduled for the fourth quarter of this year and that it will eventually open source. At this time, it is only possible to request the code via an e-mail.

Viewing:-132

In: Technology & Gadgets Asked By: [15196 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »