WhatsApp, Facebook Messenger, and the Signal app: First cryptographic analysis of the underlying security protocol

WhatsApp, Facebook Messenger, Google Allo, and many other messaging apps have all recently adopted the same encryption protocol, a new system called 'Signal'. Signal has seen explosive uptake, with up to 1 billion users driving an unprecedented increase in the use of encryption for personal communications. With many large players including it in their messaging apps, it is surprising that there has not been an in-depth security analysis of the protocol itself until now.

To fill this gap, Professor of Information Security Cas Cremers and doctoral students Luke Garratt and Katriel Cohn-Gordon, along with McMaster University Assistant Professor Douglas Stebila and doctoral student Benjamin Dowling, have recently revealed the first formal analysis of this protocol, which will be presented next year at the IEEE EuroS&P 2017 Symposium in Paris.  They found no major flaws in the design and showed that it is secure under a wide range of compromise scenarios.

The Signal protocol is inherently very complex, which may be a possible reason for the lack of previous analyses. The protocol features over ten different types of key, and continually updates them following a system called the 'Double Ratchet'. Its goals are not formally stated, but include end-to-end encryption as well as advanced security properties such as forward and 'future' or 'post-compromise' security.

The new work shows that there are no major flaws in the core protocol, although the analysis also reveals that the protocol can be improved in several ways. Overall, this encouraging result helps to bolster confidence in the widely-adopted Signal protocol. As more and more of our communication moves to messaging apps, it is crucial that the underlying systems that they use are secure, and this work is an important step in that direction.

Reference to paper: ia.cr/2016/1013