Signal protocol is the industry-standard encryption, which is why it makes sense to understand why it’s better than other end-to-end encrypted messaging. Recently, Google announced a change that will affect its 2 million Android users worldwide. It’s rolling out the beta version for its messaging app (for Android) that now features end-to-end encryption by default. This encryption is able to prevent an intruder from eavesdropping, whether it’s a hacker, phone carrier, an intelligence agency, or Google itself. No one can decrypt or read the messages! After watching a documentary on cybercrime over my Spectrum TV app, I have come to the conclusion that encryption is mandatory.
This news is a big win for Signal protocol, the non-federated cryptographic protocol that provides end-to-end encryption for video, voice calls, and IM conversations. This protocol has become the de facto standard for encryption conversation in most services. But why is it so popular, and what sets it apart from other forms of encryptions? You will find that out later in this blog.
Introducing Signal, the End-To-End Encrypted App
The Signal app was the creation of Moxie Marlinespike. This end-to-end encrypted text message app enjoys an unparalleled reputation for privacy and security. It has the endorsement of Edward Snowden and Brian Acton, the founder of WhatsApp.
Signal is built on a cryptosystem called the signal protocol which has now spread beyond the app. WhatsApp was the first one to adopt this protocol in 2014 by encrypting end-to-end IMs between Android devices. Two years later, the giant switched it on by default for all its users. Shortly after that, Google also rolled out its end-to-end encryption using the Signal Protocol as an opt-in feature. Facebook followed the suit by introducing end-to-end encryption in Facebook Messenger. This was also an opt-in feature. Now, Google has decided to integrate the Signal Protocol in its messaging app by default. This means that new phones will adopt this feature as a standard in the coming years.
What Makes the Signal Protocol Special?
Now let’s cut to the chase and see why Signal is everyone’s go-to protocol. The feature that makes it stand out is how effortlessly it implements the “perfect forward secrecy.” Normally, when you install an app on the phone, it generates a permanent key pair for encrypting and decrypting the message. One is the public key, which goes to the server of the messaging service for identifying the user. The second is the private key that never leaves the phone of the user. This private key, when compromised, can allow someone to hack your device. Even if you have deleted some messages from your device, the key can decrypt any and all encrypted messages.
The signal protocol has a ratchet system that changes the private key after each message. This means it will generate lots of temporary keys for each user along with permanent keys. When a user sends an IM to their contact over an app supporting the Signal Protocol, the IM app combines both temporary and permanent public and private keys for both users. It then creates a shared secret key for encrypting and decrypting the message.
Generating the secret key requires access to both users’ private keys, which only exist on their devices. The temporary keys replenish for each user, allowing the protocol to generate a new shared key after each message. Every time you send a message, your key is updated. So, let’s say someone steals your phone at 10 am. Any message sent before 10 am will be safe. For those automatically deleted messages after a specific time limit, the Signal app makes them disappear. If you would like to protect certain messages from being spoofed, it’s very important to delete them manually.
Signal’s perfect forward secrecy is useless if you don’t delete your messages. Because if your phone gets stolen and all your messages are intact, they would be visible to the person who has access to your phone. Nevertheless, it doesn’t hurt to switch from an unencrypted messaging app to the one that uses the Signal protocol.
The prediction is that soon the signal protocol will become the standard across all apps. It will be hard to avoid it just like these days you can’t live without a good Internet service plan like Spectrum Internet plans – I too just upgraded mine to stream my favorite shows on my mobile.