Real-Time Communication
Discover secure and private ways to communicate with others online without letting any third parties read your messages.
Encrypted Instant Messengers
We only recommend instant messenger programs or apps that support end-to-end encryption (E2EE). When E2EE is used, all transmissions (messages, voice, video, etc.) are encrypted before they are sent from your device. E2EE protects both the authenticity and confidentiality of the transmission as they pass through any part of the network (servers, etc.).
All the client programs/apps we chose are free and open-source software unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.
We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.
Centralized
Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.
Signal
Signal is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Its protocol has also been indepedently audited (PDF)
Requires phone number
VoIP
Advantages
- New features and changes can be implemented more quickly.
- Easier to get started with and to find contacts.
Disadvantages
- Centralized services could be more susceptible to legislation requiring backdoor access.
- Can include restricted control or access. This can include things like:
- Being forbidden from connecting third-party clients to the centralized network that might provide for greater customization or better user experience. Often defined in Terms and Conditions of usage.
- Poor or no documentation for third-party developers.
- The ownership, privacy policy, and operations of the service can change easily when a single entity controls it, potentially compromising the service later on.
Federated
Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
Element
Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.
VoIP
Advantages
- Allows for greater control over your own data when running your own server.
- Allows you to choose who to trust your data with by choosing between multiple "public" servers.
- Often allows for third party clients which can provide a more native, customized, or accessible experience.
- Generally a less juicy target for governments wanting backdoor access to everything as the trust is decentralized. The server may be hosted independently from the organization developing the software.
- Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)
- Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.
Disadvantages
- Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
- Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
- Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.
- Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.
Worth Mentioning
- Status.im - Encrypted instant messenger with an integrated Ethereum wallet (cryptocurrency) that also includes support for DApps (decentralized apps) (web apps in a curated store). Uses the Waku protocol (a fork of Whisper) for P2P communication. Only available for iOS and Android.
Peer to Peer (P2P)
Peer-to-Peer instant messengers connect directly to each other without requiring third-party servers. Clients (peers) usually find each other through the use of a distributed computing network. Examples of this include DHT (distributed hash table) (used with technologies like torrents and IPFS, for example). Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the Scuttlebutt social networking protocol). Once a peer has found a route to its contact via any of these methods, a direct connection between them is made.
Briar
Encrypted instant messenger that connects to contacts via Wi-Fi, Bluetooth, or Tor over the internet to synchronize messages. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis.
Jami
Encrypted instant messaging and video calling software. All communications are E2EE using TLS 1.3 and never stored elsewhere than on user's devices, even when TURN servers are used.
Warning
VoIP
Advantages
- Minimal information is exposed to third parties.
- Modern P2P platforms implement end-to-end encryption by default. There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models.
Disadvantages
- Reduced feature set:
- Messages can only be sent when both peers are online, however, your client may store messages locally to wait for the contact to return online.
- Generally increases battery usage on mobile devices, because the client must stay connected to the distributed network to learn about who is online.
- Your IP address and that of the contacts you're communicating with may be visible if you do not use the software in conjunction with a self contained network, such as Tor or I2P. Many countries have some form of mass surveillance and/or metadata retention.
Recent news about breaking E2EE on centralized instant messengers
June 2020
- The Senate’s New Anti-Encryption Bill Is Even Worse Than EARN IT, and That’s Saying Something (EFF)
- There’s Now an Even Worse Anti-Encryption Bill Than EARN IT. That Doesn’t Make the EARN IT Bill OK. (Stanford)
March 2020
January 2020
November 2019
- Exclusive: Interpol plans to condemn encryption spread, citing predators, sources say (Reuters)
- Think of the children: FBI sought Interpol statement against end-to-end crypto (ArsTechnica)
October 2019
- The Open Letter from the Governments of US, UK, and Australia to Facebook is An All-Out Attack on Encryption (EFF)
- The broken record: Why Barr’s call against end-to-end encryption is nuts (ArsTechnica)
- US wants Facebook to backdoor WhatsApp and halt encryption plans (ArsTechnica)
August 2019
July 2019
- US attorney general William Barr says Americans should accept security risks of encryption backdoors (TechCrunch)
- Low Barr: Don't give me that crap about security, just put the backdoors in the encryption, roars US Attorney General (The Register)
May 2019
January 2019
December 2018
Complete Comparison
- securechatguide.org - Guide to Choosing a Messenger.
- securemessagingapps.com - Secure Messaging Apps Comparison.
Independent security audits
- A Formal Security Analysis of the Signal Messaging Protocol (2019) by Katriel Cohn-Gordon, Cas Cremers, Benjamin Dowling, Luke Garratt and Douglas Stebila
- Matrix Olm Cryptographic Review
- Briar - Darknet Messenger Releases Beta, Passes Security Audit
Video/Voice Calling
Linphone
Linphone is an open-source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication.
Jitsi Meet
Jitsi Meet is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application with optional E2EE. It can be used from the browser, in desktop applications or on smartphones. Additional features include screen sharing for presentations and an always-on-top floating call window when minimized. See the list of public Jitsi Meet instances.
Requires WebRTC
Experimental E2EE
Mumble
Mumble is an open-source, low-latency, and high quality voice chat application primarily intended for use while gaming. Note that while Mumble doesn't log messages or record by default, it's missing end-to-end encryption, so self-hosting is recommended.
Related Information
- More information about Mumble:
- Running Mumble Server and its config file, particularly obfuscating IPv4 addresses and logging
- Torifying Mumble
Team Chat Platforms
Element
Element (formerly Riot) is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.
VoIP
Rocket.chat
Rocket.chat is an self-hostable open source platform for team communication. It has optional federation and experimental E2EE.
Experimental E2EE
VoIP