Introducing: Signal Protocol to Dust
When we decided to rethink Dust from the ground up, we wanted to push the envelope when it comes to secure messaging. In turn, we decided to implement best-in-class technology to ensure end-to-end encryption across the entire platform.
You may ask yourself, what makes it so secure?
Put simply, the Signal Protocol improves security by using true end-to-end encryption with perfect forward secrecy, which means the keys used to scramble a conversation cannot be captured from a server, and no single key gives access to past messages. In addition, the Signal Protocol uses a double ratchet algorithm, which continually derives fresh keys during each session, minimizing how much can be decrypted if any one key is compromised.
In this post we will further unpack the Signal Protocol.
The Signal Protocol Advantage
One of the (many) benefits of using the Signal Protocol is that it allows two parties who have no prior knowledge of each other to mutually create a shared “secret key” over an insecure channel. With earlier encryption models, by contrast, the two parties were required to exchange keys across a private network. So instead of sending a trusted courier to deliver your personal keys, two unfamiliar parties can establish a mutual “secret location” to meet and exchange media without revealing the keys to their encrypted messages.
If it’s not obvious to the reader, sharing a public key is kind of a BIG deal during the initial “handshake”. We use our secure Dust channels to exchange a public identity key, which is used to establish trust with another Dust user. Once trust is established, the exchange of encrypted messages begins.
Using the Signal Protocol forces your keys to be refreshed at regular intervals. Thus, the Signal Protocol does not suffer from any single point of failure, which is not true of most other messaging protocols.
Another advantage of implementing the Signal Protocol in Dust is that it doesn’t matter who has access to our server: even someone who gets to the server won’t be able to crack the code (decrypt messages). With the Signal Protocol, every device has an assigned bundle (i.e. identity, encryption keys, sessions between users, device ID, prekey). So even if the FBI wanted to tap our servers — it would do them no good — as there’s no possibility of decrypting the content without the private keys, which are only stored on your device.
Real World Example
Let’s say Anna wants to talk to Dave. Anna requests Dave’s key bundle and, using that bundle information, encrypts her message for Dave. If Dave has multiple devices, Anna requests Dave’s key bundle for each device and receives a unique encryption key for each one. The encryption key is not the same as your public/private key; instead, it’s a mathematical equation that tells Anna how to meet Dave at the mutually established location on a given map (elliptic curve).
After the session is established, Anna can start sending messages to Dave. Session establishment relies heavily on the Extended Triple Diffie–Hellman (X3DH) handshake, which is what gives the Signal Protocol the capability to provide forward secrecy and cryptographic deniability.
How Is Signal Protocol Different Than Signal?
It’s easy to confuse Signal (the messenger) with the Signal Protocol, but they’re not really the same. Yes, they’re both Open Source projects and they share the same name, but the former is a consumer product and the latter is the underlying technology. In this post, we highlight the underlying technology because it’s the best-in-class encryption model and it’s going live in Dust in August 2018!
Why Does Using Signal Protocol Matter?
For starters, if the Central Intelligence Agency (CIA) can’t crack the code, then who can? The short answer is, nobody. Since the encryption model is available under an Open Source license, experts have had the chance to conduct penetration tests and have confirmed the Signal Protocol is as secure as intended. This is why the Signal Protocol has earned its stripes as the gold standard of encrypted communications.
In contrast, Telegram uses its own in-house encryption algorithm, MTProto, that is not Open Source, so nobody knows what’s really under the hood. In the dev community, this is referred to as “rolling their own crypto,” which is broadly frowned upon in the industry.
How Does The Mercury Protocol Benefit?
By implementing the Signal Protocol in Dust, the Mercury Protocol community benefits in several ways. First, the new Dust version to be released in August will be a more robust, secure platform than even the current version. As we introduce new ways to earn and spend GMT, having an ultra-secure platform means that GMT owners have a more secure environment in which to transact. Second, the technical know-how required to implement the Signal Protocol has challenged our development team to enhance our capabilities. The usefulness of this know-how extends beyond Dust to other Mercury Protocol software as we implement secure features in other components. And third, by being one of few messaging platforms that offer Signal Protocol encryption, the community benefits by being amongst an elite group of applications that truly value data privacy and integrity, which are core tenets of our vision at Mercury Protocol.
- Public key — encrypt messages, signature verification
- Private key — decrypt messages, signature generation
- Elliptic curve — the mathematical curve on which the key exchange is computed (the “map” in the example above)
- Double ratchet — on every message the shared key changes
- Forward secrecy — even if your private keys are stolen, only that specific message can be decrypted, not the entire conversation
- Cryptographic deniability — the signature can be created by both sides so you can’t say who said what
- Battle-tested — the encryption the Signal Protocol uses is available under an open-source license, so experts have had the chance to test and poke the software to make sure it stays as secure as intended.
- Session management — archive the old session, create new session based on new curve (key exchange mechanism)
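As an added illustration (not Dust’s or Signal’s own code) of the per-message key change described in the double ratchet and forward secrecy entries above, and in the double ratchet explanation at the top of the post, here is a simplified symmetric-key ratchet in Python. It assumes a shared secret (constructed here, standing in for the X3DH handshake output), uses the HMAC-based chain-key KDF that the Double Ratchet specification suggests, and substitutes a toy XOR stream cipher for the AEAD a real implementation would use.

```python
import hashlib
import hmac

# Constants follow the Double Ratchet spec's suggested KDF_CK: HMAC-SHA256 keyed
# with the chain key, input 0x01 -> message key, 0x02 -> next chain key.
MSG_CONST, CHAIN_CONST = b"\x01", b"\x02"

# Constructed sample shared secret, standing in for the X3DH handshake output.
SHARED_SECRET = hashlib.sha256(b"constructed-x3dh-output-for-demo").digest()

def kdf_ck(chain_key: bytes) -> tuple[bytes, bytes]:
    """One ratchet step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, MSG_CONST, hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, CHAIN_CONST, hashlib.sha256).digest()
    return next_chain_key, message_key

class Chain:
    """Symmetric-key ratchet: each call yields a fresh per-message key and
    overwrites the chain key, so message n's key cannot be recomputed from the
    state held after message n (HMAC is one-way). Stepping forward still works,
    which is why the full protocol adds a DH ratchet on top of this chain."""

    def __init__(self, chain_key: bytes) -> None:
        self.chain_key, self.counter = chain_key, 0

    def next_message_key(self) -> tuple[int, bytes]:
        self.chain_key, message_key = kdf_ck(self.chain_key)
        n, self.counter = self.counter, self.counter + 1
        return n, message_key

def xor_stream(message_key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (keystream = SHA-256(key || block index)); a stand-in
    for the AEAD a real implementation uses. Symmetric, so it also decrypts."""
    out = bytearray()
    for i in range((len(data) + 31) // 32):
        keystream = hashlib.sha256(message_key + i.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i * 32:(i + 1) * 32], keystream))
    return bytes(out)

def exchange(plaintexts: list[bytes]) -> list[bytes]:
    """Sender and receiver each run a chain from SHARED_SECRET; returns the
    receiver's decryptions, which must equal the inputs in order."""
    sender, receiver = Chain(SHARED_SECRET), Chain(SHARED_SECRET)
    decrypted = []
    for text in plaintexts:
        _, mk = sender.next_message_key()
        _, rk = receiver.next_message_key()
        decrypted.append(xor_stream(rk, xor_stream(mk, text)))
    return decrypted
```

Because each message key is derived by a one-way step and the previous chain key is discarded, a stolen chain key exposes later messages in that chain but not earlier ones; the DH ratchet that the full protocol layers on top is what limits the damage going forward.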