Twitter introduced a new layer of privacy and security on user communications, named Encrypted Direct Messages.
This new feature is Twitter’s implementation of end-to-end encryption (E2EE) for direct messages that users exchange on the platform, allowing them to communicate with greater confidence.
The option to use Encrypted Direct Messages will be made available on the latest version of Twitter apps for Android and iOS, and on the web interface of course, appearing as separate conversations alongside the existing Direct Messages inbox. On the mobile apps, users will see a toggle that can be turned “on” and “off” to use secure or regular communication channels.
Sending an encrypted message will be otherwise similar to sending a regular message, and will be governed by the same “followership” or DM invite acceptance rules.
Twitter will be publishing a detailed technical whitepaper later this year where it will explain the encryption scheme in greater detail. For now, it is clear from the use of public-private key pairs that the social media platform has implemented an asymmetric encryption scheme.
Each user has a pair of keys: a public key that is automatically registered when a user logs into Twitter on a new device or browser, and a private key that remains on the device and is never shared with Twitter. In addition, each conversation has its own key used to encrypt the content of messages, which is securely shared between participating devices using the private-public key pairs. As such, even if someone