A week before Christmas, the government of Egypt blocked access to the secure-messaging app Signal. A few days later, the app makers rerouted traffic to make it look like a Google search and not an encrypted message, thus circumventing the censorship. Although it’s only two and a half years old, Signal—and its underlying technology—have revolutionized communication privacy.
Signal lets you make voice calls and send text messages that are encrypted end to end, which means that as long as both parties are using Signal, computer code fully protects them from digital eavesdropping and spying.
Use of the app skyrocketed 400 percent in the aftermath of the 2016 U.S. presidential election, reported Moxie Marlinspike, the pseudonymous, dreadlocked, sea-faring hacker and cryptography expert who founded Open Whisper Systems, maker of Signal.
“A lot of people have direct concerns about the privacy of their communications under a new presidential administration,” Marlinspike says. “Even if you don’t have that direct concern, like a journalist or activist [might], installing Signal is an easy way to support the people that do have that concern.”
Before the election I think I had maybe 15 friends on @whispersystems’ Signal, and now I think there are well over 200.
— M (@MaxJohnLove) December 22, 2016
What was once an obscure app offering protection for which most people couldn’t contemplate a use is being rapidly adopted by tech titans and rebels alike. WhatsApp uses the end-to-end encryption code created by Marlinspike and his team to power Signal, called the Signal Protocol, to protect texts and calls between its more than 1 billion users by default. It’s an opt-in feature in Facebook Messenger’s Secret Conversations and the “incognito” mode for Google’s new Allo app.
Government whistleblower Edward Snowden has endorsed Signal, along with security technologist and author Bruce Schneier, and Washington Post reporter Barton Gellman. And in the aftermath of public leaks of its internal emails, the Hillary Clinton presidential campaign began using Signal too.
Signal, thus far funded by grants totaling about $3 million, is not the only end-to-end encryption protocol (or text-messaging app) available. Its popularity is partly tied to it being open source: Anybody could add its open-source code to their own code, and other cryptographers and developers can verify its ongoing efficacy. But what really sets Signal apart from its competition—even competitors that employ the Signal Protocol—is how Signal uses its encryption protocol.
How Signal works
Upon installation, Signal relies on your phone number (or an alternative like Google Voice) to verify your identity via text message. It then checks your address book for other Signal users, and lets you and them know that you’ve installed the app.
While that friend-seeking step might sound familiar (many social-networking apps have similar mechanisms), even this initial interaction is wrapped in cryptographic code to prevent Open Whisper Systems or anybody else from learning who uses the service, according to the app’s documentation. It uses the cryptographic principles known as “forward secrecy and future secrecy,” along with the Curve25519, AES-256, and HMAC-SHA256 encryption algorithms to protect messages and calls.
You can tell if your intended message recipient is using Signal by the color of the Send button and the appearance of a small padlock icon on the messaging screen. If the button is blue, and the padlock is closed, then the message is encrypted. If the icon is gray, and the padlock is open, the message is not secure.
For voice conversations, Signal creates an encrypted tunnel over the Internet. Think Skype, but without the security risks.
For both text messages and calls, Signal users can confirm that the recipients are who they say they are by means of a secret code the app generates. This can help users verify that their messages haven’t been intercepted in a man-in-the-middle attack. Messages can be encrypted on your phone when you turn on the passphrase option.
There’s also a desktop version of Signal available as a Chrome browser add-on, and a more recent update to the app adds a timed, Snapchat-style self-deleting option to text messages on recipients’ phones.
Minimal metadata retention
The key feature in the Signal app that differentiates it from most other implementations of the Signal Protocol is that Open Whisper Systems retains very little metadata from user messages, and the app, according a blog post by ACLU attorney Brett Max Kaufman, retains only the time that users create their accounts, and the last day a user connected to the Signal servers.
Message metadata reveals so much information about the message author that a former general counsel to the National Security Agency says it can reveal “everything about somebody’s life.” It’s been used in multiple publicly reported successful prosecutions.
“We designed Signal to retain as little information as possible,” Marlinspike says.
This stands in contrast to the metadata retention practices of many other messaging apps, including WhatsApp, which privacy experts at organizations such as the Freedom of Press Foundation, the Guardian Project, and the Electronic Frontier Foundation consider risky.
Signal prevents the systems of Apple and Google from backing up messages, though on the Android version of the app, you can import and export those messages to retain and restore them to a new device. Computer forensics expert Jonathan Zdziarski posted evidence from his examination of the app on Twitter, writing that backup and forensics tools he used were able to retrieve “virtually nothing” from the iPhone version of the app.
This is everything that comes off an iPhone from the Signal app with backup or forensics tools. Virtually nothing. pic.twitter.com/tyPStYlQbQ
— Jonathan Zdziarski (@JZdziarski) February 24, 2016
A Signal for the future?
While Signal’s efforts to protect messages have been effective, the app is not immune to criticism. Encrypted-communications app Wire sued Open Whisper Systems, accusing Marlinspike of attempted extortion. They settled the case out of court, and both sides backed away from their allegations.
Marlinspike subsequently addressed some Signal Protocol-licensing issues in a June 2016 blog post, to clarify that developers who implement the Signal Protocol have explicit approval to distribute their apps through the Apple App Store. However, he also wrote that Open Whisper Systems likes the quality control that the GPLv3 license allows.
“If someone publicly says that they’re using our software, we want to see if they’ve made any modifications, and whether they’re using it correctly. This helps to increase transparency and accountability in deployments of our software, which we feel are important for end-to-end encryption,” he wrote.
There’s an ongoing debate about Marlinspike’s decision to maintain the central communication servers for Signal, as opposed to federating them. While some might feel that the decision will hurt future adoption of Signal, Marlinspike would disagree.
Some consumers are also concerned that Signal notifies you when people in your contact list sign up for the app, or that it uses your phone number as your username. Reports of app stability and usability problems are not uncommon, either.
Nevertheless, Marlinspike believes that the work his company has put into developing Signal will encourage other messaging and calling services to reconsider how much customer information they retain—and put at risk of exposure by hacker or government subpoena.
“Our hope with everything is that Signal serves as an example of what’s possible. That’s allowed end-to-end encryption in WhatsApp, Facebook Messenger, and Google Allo,” he says. “Hopefully, some of the things we’re doing around metadata will show up in other places.”