So, I'm interested how the implementation of "Perfect Forward Secrecy" in Signal looks like, like does every messages has a different encryption key? or does it change over time like [#whatsapp](https - eviltoast

So, I’m interested how the implementation of “Perfect Forward Secrecy” in Signal looks like, like does every messages has a different encryption key? or does it change over time like #whatsapp does? I tried to find any official documention of this, sadly did not find anything.

Thats why I’m asking, does anyone of you know smth about this and maybe can provide a link to a official source?

#signal #signalapp #privacy #encryption @signalapp @SignalUpdateInfo @privacy

  • sexy_peach@feddit.de
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Diffie-Hellman is only a key exchange protocol and does not provide forward secrecy. Imagine that my and your client figure out our shared secred (key) with DH, then encrypt our chat with that. If someone breaks only a bit of our traffic, then they can read newer messages as well.

    https://en.wikipedia.org/wiki/Forward_secrecy

    Forward secrecy means that at any point messages are encrypted with keys that aren’t reused forever, which means if an attacker can intercept traffic and read a bit, or crack the encryption, that they don’t automatically get access to our future conversation as well.

    • solrize@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      The PFS comes from deleting the secret DH parameters after you are done using them.