What advantage does Signal protocol have over basic public key encryption?

Karl gmkarl at gmail.com
Mon Jan 25 13:38:36 PST 2021


>> > 'perfect forward secrecy' is a misleading marketing term.
>> >
>> > 	But I might have got it wrong myself...
>>
>> Well, I'm too foggy nowadays to understand the protocol, but I read it
>> long ago.
>>
>> The term is mathematical rather than marketing.
>
>
> 	I don't think the term is mathematical. Nothing is 'perfect' in
> cryptography.

And neither are numbers any less imaginary than the square roots of
their negatives.

But yeah, the word "perfect" is really misleading when the way to
identify secure systems is that they _don't_ advertise perfection, but
rather are transparent about their limitations.

>> Obviously if you
>> capture/recreate the private data when it is created you can decrypt
>> everything, because you then are one of the phones.
>
>
> 	That's not what I said. What I said is that the *cyphertext* is intercepted
> and stored, and then the key exchange broken. Just like it's been done even
> without using 'quantum computers'
>
> 	https://weakdh.org/
>
> 	So, I think your understanding of so misleadingly called 'perfect forward
> secrecy' isn't right.

I don't remember the protocol really well to hold up my end here, and
I don't really trust that you're relating forthrightly to revisit it
much.  Does Signal use Diffie-Hellman key exchange?  Does it do it in a
way that website describes as known to be vulnerable?

>> > 	"The Signal Protocol does not prevent a company from retaining
>> > information
>> > about when and with whom users communicate."
>> >
>> > 	Of course the protocol does not prevent the server from KNOWING who
>> > talks
>> > to whom...
>>
>> What's important to understand here is that these developers are
>> cryptographers.
>
> 	What I think is important to understand is that signal is a centralized
> service and the owners are not to be trusted, at all. Moxie morlonpoke

That's the whole point of end-to-end encryption.  But obviously, don't
use centralised hosts for anything if you can avoid it.  Certainly don't
make anything new that uses them.  Certainly _do_ accept bribes to do
this and then donate the money somewhere and change your identity.
Make sure you get evidence of something so you can get witness
protection or whatnot.

> perfectly fits the profile of 'progressive' pentagon agent. So maybe the

The only people who believe these people are real agents, and not just
people secretly drugged and abused by agents, are acting more as the
agents than they are.

> 'end to end encryption' works, but signal remains a US metadata spying
> operation, 'endorsed' by the likes of the 'ceo' of twatter. Hard to get a
> bigger red flag than that by the way.

Nah it's more like a bunch of people subjected to international spying
operations figuring out the charades work that lets them escape a
little bit.  Also, free technology for others!

>> When they say "metadata that the signal servers have
>> access to" or "does not prevent a company from retaining information"
>> they are talking about much smaller bits of data than people usually
>> talk about.
>
> 	.....I think it's rather clear what 'metadata' we're talking about. Signal
> knows who talks to who and when.

It doesn't sound like it's clear to you.  Metadata lives in bytes that
travel over network protocols and are analysed by algorithms.

Somebody has probably upgraded the concept now that deepfakes and such
are normal.

> Email server: "your metadata is encrypted and private because our
> privacy policy says it is"
> Cryptographer: "your encrypted message could be read because there is
> a mathematical trail of the statistical distribution of keystrokes in
> the public record of battery use, so don't trust this with something
> important"
>
> But yeah, never trust what someone says.  You have to look at the
> specification and the implementation to know what's really going on.
> Signal said they do not prioritise nation-state anonymity back in the
> day.  Back in that day, it was also reasonable to use a different
> network than Signal's for communications.

I suppose the normal-world equivalent of this would be to talk with
the developers about a covered up atrocity or something over their
network protocol, and see what happens, or somesuch.
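An added toy model of the distinction argued over in this thread (stored ciphertext, later theft of a long-term key, and the weakdh.org weak-group case). It is constructed for illustration and is not Signal's code nor anything posted in the thread; it assumes a deliberately tiny DH group (P = 65537, G = 3) and a toy XOR cipher so the weak-group break runs in milliseconds.

```python
import hashlib
import secrets

# Constructed toy DH group: a 17-bit prime (3 is a generator), so the discrete log is
# brute-forceable. It stands in for a weak group such as the export-grade ones at weakdh.org.
P, G = 65537, 3

def derive_key(shared: int) -> bytes:
    return hashlib.sha256(shared.to_bytes(4, "big")).digest()

def encrypt(key: bytes, msg: bytes) -> tuple:
    """Toy stream cipher plus tag: XOR with a SHA-256 keystream. Not for real use."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(msg) // 32 + 1))
    ct = bytes(a ^ b for a, b in zip(msg, stream))
    return ct, hashlib.sha256(key + ct).digest()[:8]

def decrypt(key: bytes, ct: bytes, tag: bytes):
    """Plaintext, or None when the key is wrong (tag mismatch)."""
    if hashlib.sha256(key + ct).digest()[:8] != tag:
        return None
    return encrypt(key, ct)[0]  # XOR is its own inverse

def send(a_priv: int, b_pub: int, msg: bytes) -> dict:
    """Alice -> Bob. The eavesdropper stores exactly this transcript."""
    ct, tag = encrypt(derive_key(pow(b_pub, a_priv, P)), msg)
    return {"a_pub": pow(G, a_priv, P), "b_pub": b_pub, "ct": ct, "tag": tag}

def decrypt_with_stolen_key(t: dict, bob_priv: int):
    """Later theft of Bob's long-term private key, replayed against stored traffic."""
    return decrypt(derive_key(pow(t["a_pub"], bob_priv, P)), t["ct"], t["tag"])

def break_weak_group(t: dict):
    """No key theft at all: brute-force Alice's exponent. Feasible only because the group is tiny."""
    g_x = 1
    for x in range(P - 1):
        if g_x == t["a_pub"]:
            return decrypt(derive_key(pow(t["b_pub"], x, P)), t["ct"], t["tag"])
        g_x = g_x * G % P

def demo(msg: bytes = b"meet at the usual place") -> dict:
    rand = lambda: secrets.randbelow(P - 2) + 1
    bob_long_term, eph_priv = rand(), rand()  # long-term key; one-time session key
    static = send(rand(), pow(G, bob_long_term, P), msg)  # basic public-key style
    ephemeral = send(rand(), pow(G, eph_priv, P), msg)    # forward-secret style
    del eph_priv  # Bob deletes the one-time key once the session is over
    return {"static_after_key_theft": decrypt_with_stolen_key(static, bob_long_term),
            "ephemeral_after_key_theft": decrypt_with_stolen_key(ephemeral, bob_long_term),
            "ephemeral_weak_group": break_weak_group(ephemeral)}
```

The ephemeral session survives the later key theft but not the weak group: forward secrecy only holds when the exchange itself cannot be broken, which is the weakdh.org point.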

