Signal Encryption: A New Expectation of Privacy

Over at Dust, we’ve just about finished up our switch to the Signal Encryption protocol, which is currently the most secure protocol for sending encrypted messages through an untrusted network asynchronously.  There’s lots of whitepapers on it, so I’ll just stick to why it’s important for the public at large.  In the tradition of open source being the core of sound security, we’ve open sourced part of our implementation here.  Credit to Whisper Systems on their excellent Android implementation, which we only re-architected slightly in our Golang port by pulling out ProtoBuffers as a hard dependency.

What you should demand from now on

As many messengers have switched to the Signal protocol, you should start making sure that any messenger you use has the following guarantees that Signal provides:

Perfect Forward Secrecy – Even if someone figured out every secret up to message X, they couldn’t figure out how to decrypt message X + 1

End-to-End Encryption – This means that even the server transmitting the messages and encryption keys could never decrypt/mess with your messages.  I noticed Facebook’s version of Signal adds a mechanism for moderators (and other folks, I’m sure) to be able to decrypt your messages!

Deniability – You can ensure that a message was sent by Bob, but you can’t prove to strangers that Bob sent you a message.

These are new-ish properties compared to older asynchronous encryption schemes, and pretty good news for those who like the 1st and 4th amendments!  It’s great to see the possibility of entirely new apps just from good math, similar to RSA’s original asymmetric encryption leading to ecommerce being possible in the 90’s!  Think about that, had we mass internet in the 80’s, there would be no such math to build a secure web server!  I for one am pinning my hope for humanity on further advances like Enigma, which could lead to decentralized Ubers and other “sharing economy” apps that are currently dominant.


Sadly, while Signal pretty much locks out networks from stealing your messages, it won’t stop your device from doing so.  There are tons of backdoors in Android and iOS as Wikileaks articles come out describing them in detail.  If your phone is hacked, this won’t do you much good against them.  On the other hand, these backdoors typically won’t try to affect your Signal messaging (although it could, in principle), meaning that newbs on the network still won’t see anything but Signal encrypted garbage.  Just keep in mind that some gov agency out there can probably see what you’re messaging, but not private or small state actors.

Leave a Reply