What advantage does Signal protocol have over basic public key encryption?

Punk-BatSoup-Stasi 2.0 punks at tfwno.gf
Mon Jan 25 11:38:17 PST 2021


On Mon, 25 Jan 2021 13:57:21 -0500
Karl <gmkarl at gmail.com> wrote:


> 4. perfect forward secrecy.  addresses the issue with pgp where future
> advancements decrypt all your messages

	As far as I understand it, what Signal and other systems do is generate 'ephemeral' keys (per session or even per message).

	Now, if all traffic is recorded (which of course it is), and the key exchange broken thanks to, say, 'quantum computers', then the 'ephemeral' keys can be re-created. So as far as I can tell your claim is wrong, and 'perfect forward secrecy' is a misleading marketing term.

	But I might have got it wrong myself...

> 5. metadata encryption.  pgp does not do this


	Neither does Signal. Or rather

	https://en.wikipedia.org/wiki/Signal_Protocol#Metadata

	"In October 2018, Signal Messenger announced that they had implemented a "sealed sender" feature into Signal, which reduces the amount of metadata that the Signal servers have access to by concealing the sender's identifier."

	Not sure what that actually means. Also

	"The Signal Protocol does not prevent a company from retaining information about when and with whom users communicate."

	Of course the protocol does not prevent the server from KNOWING who talks to whom...

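An added example, not from this post or from Signal's code, that models the two attacker capabilities the reply distinguishes: ephemeral Diffie-Hellman faced with a later leak of a long-term key, versus faced with a break of the key exchange itself applied to recorded traffic. It uses a constructed toy group so the second attacker can be a brute-force discrete log; all function names, the transcript layout and the "static session" stand-in for PGP-style encryption are assumptions for illustration.

```python
import hashlib
import secrets

# Toy DH group, constructed so the "break" below is a feasible brute force; real
# deployments use 256-bit X25519, where it is not (today). Group size is not the point.
P = 65537  # Fermat prime F4 (toy modulus)
G = 3      # primitive root modulo 65537

def keygen():
    """Private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)

def derive(shared):
    """Hash the DH shared secret into a session key."""
    return hashlib.sha256(shared.to_bytes(4, "big")).hexdigest()

def discrete_log(h):
    """The 'future advancement': recover x from g^x (brute force here, Shor at scale)."""
    for x in range(1, P):
        if pow(G, x, P) == h:
            return x
    raise ValueError("no discrete log found")

def static_session(bob_static_pub):
    """PGP-style: Alice encrypts to Bob's long-term key. Returns (key, wire recording)."""
    a_priv, a_pub = keygen()
    key = derive(pow(bob_static_pub, a_priv, P))
    return key, {"alice_eph_pub": a_pub, "bob_static_pub": bob_static_pub}

def ephemeral_session():
    """Signal-style: both sides use fresh per-session keys, deleted afterwards."""
    a_priv, a_pub = keygen()
    b_priv, b_pub = keygen()
    key = derive(pow(b_pub, a_priv, P))
    assert key == derive(pow(a_pub, b_priv, P))  # both sides agree
    return key, {"alice_eph_pub": a_pub, "bob_eph_pub": b_pub}

def attack_with_long_term_key(transcript, bob_static_priv):
    """Bob's long-term key leaks later: the static session opens; the ephemeral
    one used no long-term secret, so the recording gives nothing to compute."""
    if "bob_static_pub" in transcript:
        return derive(pow(transcript["alice_eph_pub"], bob_static_priv, P))
    return None

def attack_with_dlog_break(transcript):
    """Recorded traffic plus a break of the exchange itself: both styles fall."""
    a_priv = discrete_log(transcript["alice_eph_pub"])
    peer_pub = transcript.get("bob_eph_pub") or transcript["bob_static_pub"]
    return derive(pow(peer_pub, a_priv, P))
```

The two attack functions separate the guarantee forward secrecy actually makes (a later key leak does not open old sessions) from what it never claimed to cover (the exchange's own hardness assumption failing against stored ciphertext).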

