Signal protocol passes first security audit


Scientists have examined the basics of the Signal protocol and have not found any shortcomings that could lead to problems from a security point of view. The outcome of Signal’s first security analysis is a starting point, they emphasize.

The core of the Signal protocol offers cryptographically good security properties, the researchers conclude. They prove that the security and authentication of the message keys are guaranteed and that the protocol provides properties such as forward secrecy. This means that keys are temporary and that possession of a key does not allow all past conversations to be read. The ratcheting property ensures that session keys are updated with every message sent. Even some form of post-compromise security would be possible: if the security is almost completely compromised, some form of secret communication is still possible.
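The following sketch is an added example, not code from the article, the researchers or Signal. It models the ratcheting idea with a simplified HMAC-SHA256 key chain to show what a stolen chain state does and does not reveal. The function names, the HMAC input constants and the use of a plain byte string as a stand-in for fresh key-exchange output are assumptions of this sketch.

```python
import hashlib
import hmac

def chain_step(chain_key):
    """One ratchet step: derive a message key and the next chain key.
    HMAC is one-way, so the next chain key does not reveal this one."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key

def mix_fresh_secret(chain_key, fresh_secret):
    """Simplified stand-in for the asymmetric ratchet: fold the output of a
    new key exchange into the chain so that old state stops being enough."""
    return hmac.new(chain_key, fresh_secret, hashlib.sha256).digest()

def session_keys(initial_key, n_messages, reseeds=None):
    """Run a session of n_messages. reseeds maps a message index to a fresh
    secret mixed in before that message. Returns (message_keys, chain_states),
    where chain_states[i] is the chain key held just before message i."""
    reseeds = reseeds or {}
    chain_key, keys, states = initial_key, [], []
    for i in range(n_messages):
        if i in reseeds:
            chain_key = mix_fresh_secret(chain_key, reseeds[i])
        states.append(chain_key)
        chain_key, message_key = chain_step(chain_key)
        keys.append(message_key)
    return keys, states

def attacker_view(stolen_chain_key, n_steps):
    """Message keys derivable from one stolen chain key and nothing else."""
    derived, chain_key = [], stolen_chain_key
    for _ in range(n_steps):
        chain_key, message_key = chain_step(chain_key)
        derived.append(message_key)
    return derived

if __name__ == "__main__":
    # Constructed inputs: an all-zero initial key and a fixed "fresh" secret.
    keys, states = session_keys(bytes(32), 6, reseeds={4: b"\x11" * 32})
    derived = attacker_view(states[2], 4)  # state stolen before message 2
    print("past keys exposed:     ", any(k in derived for k in keys[:2]))
    print("messages 2-3 exposed:  ", derived[:2] == keys[2:4])
    print("after reseed exposed:  ", keys[4] in derived or keys[5] in derived)
```

Earlier message keys stay out of reach because the chain only moves forward, and the keys after the reseed stay out of reach because the stolen state lacks the fresh secret.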

The researchers do have some advice to strengthen security, for example against cases where the random number generator becomes completely predictable. For instance, the NAXOS protocol can be implemented for authenticated key exchange. They also state that additional research is desirable.

The research was complicated by the relatively new design of the protocol and lack of documentation, although the source code is freely available. The audit was conducted by five researchers from the British Oxford University, the Australian Queensland University of Technology and the Canadian McMaster University.

Research into the security of Signal is relevant because the protocol forms the basis for not only the Signal app itself, but also those of WhatsApp, Facebook Messenger and Google Allo, among others. In addition, the Signal app itself is widely used by people who want guaranteed secure communication, such as activists in states with strict regimes.
