For the avoidance of doubt, Facebook messenger does not use this (or any form of end-to-end encryption) in normal messenger conversations; it is only used when you start a "Secret Conversation".
send am image hosted on a private server to a friend, using Skype, Facebook Messenger, etc. You'll notice most of them access it under the guise of providing a preview in the client.
Excellent, I was hoping you'd cover the ratchet mechanisms built into the protocol, but I see they're coming in the next video. Thank you for spreading awareness!
Signal's safety number isn't one hash of both keys; it's a hash of each key, so a pair of fingerprints, sorted so it looks the same on both screens. One half is always your fingerprint.
@@tabaks Oh! Did you see a gu (black hoodie, very sad look) sitting on the edge of the pier, throwing himself into the sea, while talking to an imaginary friend?
Thanks for making this video. I'm always looking for better ways to try and explain the Signal Protocol to other people, and this makes an excellent starting point. I've personally focused so much on the ratcheting process (hopefully to be covered well in the next video) that I've almost forgotten about the nuances of the session setup process.
@@saneyarkhazin7671 messenger's end to end is a joke compared to signals. they still store all their keys on the meta servers so the point of the encryption is basically moot for user privacy
So there's only a finite amount of backlog messages that the server can receive for me when I'm offline, since there's a finite number of one-time keys that it has for me?
Yes, that is correct. Whatsapp and Signal use the open source libsignal library developed by Wisper Systems, at first glance it looks to me like the documentation on how to use libsignal suggests to create a 100 pre-keys.
what about group chats? How are encryption keys generated in a group chat. What happens when you add a member or remove a member from the group. Does the whole key change? This would make a very informative video
i have a question: what happens in group messaging? like in whatsapp groups? if everyone is end-to-end encryped with everyone how can i read what happens between 2 group members?
As far as I know, in my own words, you include all the public keys of your friends in the encrypted message so that it can be opened by them. As i see it, the more people your message is directed to,the more vulnerable it is.
Guys Frankly Telling You I have been using Signal Private messenger for almost One years , its Really working Awesome , Finally I I found my personal data privacy and security with Signal private messenger Thanks to Signal team, they made privacy easy
The protocol has been extended to support "multi-device" on whatsapp, it might be super interresting to learn how that changes the game, how it is still possible to verify each other ver-changing bundle of devices on each end of the line and what prevents new rogue devices to be forefully "added" to people bundle, as well as how to device enrollement is secured.
Pretty easy thing to say, hard thing to accomplish. It was somewhat of a battle to have the majority of my family to install Signal (they still only use it to communicate with me, otherwise they use WhatsApp) convincing friends was/is nearly impossible. After the last Facebook scandal some of them installed Signal, but still only fraction.
Usually you will be prompted forced to use a different means of identification, typically your cell number, when you register, and the app will verify this by sending you a message via your mobile network. This is also an out of band identity verification. It is somewhat compromised by burner phones which are now also (cheap) smart phones...
One day, the University of Nottingham will run out of dot matrix printer paper, and there will be no more Computerphile videos. And then we'll all be sad. :(
Hi amit from india active user of Signal Private Messenger. The messenger is awesome because it offers me full control over my messages. The best part is that it has a lot of advanced features like 'disappearing messages', 'screen lock', 'incognito keyboard', 'read receipts', 'message trimming' etc.
If Android and iOS are keylogging or the application installed is doing keylogging it does not matter if the data is encrypted when transferred out of your phone because at the side you clear text is encrypted and sent to the total surveillance network...
That was actually mentioned in their End to End Encrytion video: something along the lines of "end to end encrytion is secure enough that attacking the endpoints is easier/it doesn't prevent someone from taking your phone and reading your messages".
Say I install Eve's app. It generates a keypair for me and uses that to encrypt my messages to Bob. Nothing's stopping Eve from just decrpyting my messages. That's the problem with this app-based world. People aren't supplying their own keys. If the app and the servers and the key generators are all owned by the same person, your privacy is fully at the whim of Eve.
Shouldn't it be possible to do key exchange for a new contact with a one-time message over the phone network, skipping the privately owned server? Then you could verify each other based on the phone number.
So, ”security codes” are the PGP equivalent of sharing key fingerprints in person. Is there something similar to a web of trust (or a “strong set”) in Signal?
@@Lysergesaure1 But people don't sign each others keys, so there is no way to build a web. It's technically possible to sign other people's keys using a somewhat contrived signing algorithm that's used to sign the SPK's, but in terms of the apps functionality, no.
So to ensure IP_kB belongs to Bob, you had to do it out of band, most likely meeting in person. Then, why not just form a shared key, or a sequence of shared keys at that point? I guess the advantage of doing it this way is so that the OP_kB can be updated with more keys without meeting out of band again after the first time...
graymalkinmendel: That was one possible answer I was thinking, even with RSA you get problems (asymmetric key encryption tends to be more computationally expensive than symmetric) but it’s really ambiguously worded and I’m not sure what they mean by mitigating the risk of leaking private keys...
By scanning the QR code you set up a secure connection between the browser/desktop app and the content of your message is then sent to the app on your phone, from where it is sent as a normal message.
The safety number isn't generated by a hash function. It's actually just the concatenation of a part of each party's identity key fingerprint (lesser part first). You can check this for yourself by comparing your safety numbers from two different conversations. Half of the digit string will be the same in every conversation on your phone. That half corresponds to your identity key.
Guys could you do it a video on RSA? It would be interesting to see how it is used in the real world (with real examples), and also I am doing a project on it so it would be really helpful :D
I have a great idea for total private communications. I hate to say it here for fear it may get stolen, but I'm going to say it anyway. What if we started a business where we wrote things on paper and took them to a place where a person would deliver it to the person you're reaching out to. We could charge for each paper delivered, kinda like Uber but for papers.🤔
Hey, I got a bit lost around 8:30, where you are talking about how the server combines the two identity keys. I don't quite understand how that helps ruling out man-in-the-middle attacks. Shouldn't we also incorporate the signed versions and and check them? Cheers
private key and public key both are generated by the app, it mean app knows how to generate the private key and all the terminology, it is possible to break this encryption by that creator who make the app or who have all the control , is that not true generating the keys by the app may be store in the server at that time
It may be safe against other parties doing the MITM attack, but nothing stops the actual service(For example WhatsApp) to do MITM on the messages. The only way to verify is with the "security key", but nothing is stopping WhatsApp from just generating a number, sending it to both phones and displaying that number.
So if I understand this correctly if there is a man in the middle, the safety numbers will not match up, and if they do, there is a guarantee that there is no such attack? A man in the middle could also only drop and replay messages, but not read them due to the encryption, correct?
Hypothetically speaking, if the client is not open source and installed from source itself and we do not verify the safety number off the band, people controlling Signal could man in the middle attack us if they were so inclined. Thankfully we can install from source and also verify the safety numbers so its not an issue. Again hypothetically speaking Signal servers could be setup such that it only attempts man in the middle attack from Playstore but not the ones installed from source. Please correct me if I have misunderstood the way this works.
Signal does this key exchange for every message, right? Is it possible to only do the key exchange once or to do it via SMS (no server)? I miss being able to text without data.
It does not prevent it but the safety number verification will fail if someone did an active man in the middle attack on your initial handshake. For usability reasons Signal and most other end to end encrypted messengers use the trust on first use (tofu) principle. They assume that there was no active man in the middle attack on the initial handshake and even in the case of new handshake which is usually triggered for benign reasons, e.g. a new phone, they just notify you in the conversation view. For highly sensitive conversations you should always verify the safety number out of band before you trust the communications channel.
What does the multiple DH do that isn't already achieved by Bob and Alice signing each of his ephemeral public keys and destroying the ephemeral private keys after one use?
The two are unrelated. Open source just means that the code is freely available, but the code doesn't include these encryption keys, it only contains the functions which generate them. It's like the difference between publicly saying "we have a secret password" (making your "code" open source) and actually saying what the password is (giving up your "encryption key")
Because of exactly this, the encryption means the messages must go via your phone, hence the name 'end-to-end'. Your phone is one end, the other persons is the other end.
We are using MyChat enterprise messenger at the office. It does not require a phone number and can work without the Internet. Perfect for us for now. It also has own server, so... heck no more public messengers :D
Lol people say "X is open-source" like it means something. All it means is that I could theoretically go and read the source code. But a) I never, ever, *ever* do that, and b) even if I did, I wouldn't understand any of it. Signal could be making a plain-text copy of every single message I send, and I wouldn't be able to tell. Of course you can say no worries, you *did* read the source code, and you *are* well-equipped to understand every line of it, and you saw no problem with it whatsoever. But that just puts us right back to square one. Who are you and why should I trust you. For all I know you're the one receiving all those plain-text copies of my messages.
Some people lose their time reversing engendering software to see what it is doing (is not that hard). I use wapp over signal because is more popular, if it was doing something that it shouldn't we would already know
@@whoami13__ not if they put a bit of work into it. Passing along the keys occasionally with regular traffic to the Signal server wouldn't be hard to hide.
At 5:53 I didn't got which keys are used to perform Diffie-Helman? for 1: a = IPKA (Private) ? b = SPKB (Private) ? g = IPKA (Public)? n = SPKB (Private)? So the Public Keys from the Pre-Key-Bundle are used as the public variables? Is that the Idea?
Maybe I missed something obvious, but what does that safety number prove? Can't *anyone* see the public identity keys, meaning other people might have it as well, since it was generated in a deterministic way (since you both ended up with the same key)?
Jane Weber It proves the server hasn't lied about your two identity keys, because both phones have the same value of Alice's id key and Nob's id key. But this is still inferior to PGP where you can gather friend-of-a-friend identity proofs and don't need to pre-deposit a pool of single use keys on the server. The only advantage seems to be that Bob destroys his single use decryption key after use so the key cannot be extracted from his phone later, because he knows he won't need it for some future message from Charlie.
We now provide mobile numbers for signal app verification without having to share your personal information. A Simvacy number acts as your digital identity and protects your personal details and privacy.
It's scary to think about how one day Alice or Bob may die and then all communication protocols will need to be reworked...
Well.. When Eve dies we won't need cryptography anyway.
@@AV1461 Let's not forget Mallory .
what's scary is the fact he still has that ancient paper that was used in a mainframe printer.
Uneducated people like this mention that WhatsApp is end to end. That has a huge impact on the community.
Maybe the real Alice and Bob were the friends we made along the way
For the avoidance of doubt, Facebook messenger does not use this (or any form of end-to-end encryption) in normal messenger conversations; it is only used when you start a "Secret Conversation".
And secret conversations are locked to 1 device, I believe. Can't confirm; haven't used FB in awhile.
hybby yes, only one device
There ARE people who use Facebook?
send am image hosted on a private server to a friend, using Skype, Facebook Messenger, etc. You'll notice most of them access it under the guise of providing a preview in the client.
there is no secret when dealing with facebook, never was :D
*All the encryption processes*
Bob to Alice: "Sup?"
*Another set of encryption processes*
Alice to Bob: "Not much. Just ate."
In my paper I am not using Alice and Bob lol. I will use Anna, Ben and Eric or something lool
Man I love these videos. Learn so much! Thank you
Nugget's News brushing up on your cryptography?
I had no idea that instant messaging was so complicated, learn something new every day. Thanks for taking the time to educate us pleb's. :D
“Safe and Secure” messaging is complicated....behind the scenes.
It's complicated if your messaging app actually follows through.
I used to teach my students via WhatsApp, but we've now fully switched to the SIGNAL messaging app and are having a great experience.❤️🌹
So finally it’s recommended by UA-cam 🙂
Recommended after 2 years
Dr Mike has a perfect record of putting me and my trivial skills in my place. He definitely got me after the first two public keys.
Dr. Mike Pound is the best in explaining!
I see Dr. Pound, I click.
I thought you'd say "I pound [that link]", but I was disappointed.
Excellent, I was hoping you'd cover the ratchet mechanisms built into the protocol, but I see they're coming in the next video.
Thank you for spreading awareness!
Mike is the best presenter by far
Signal's safety number isn't one hash of both keys; it's a hash of each key, so a pair of fingerprints, sorted so it looks the same on both screens. One half is always your fingerprint.
It's time that this guy takes over the channel
Finally some attention for Signal and OWS!
what abou attention now 2021 after whatsapp TOS update.
I only found out about it after Elon Musk tweeted. Google Play would never show this app earlier. You had to manually search for it.
I saw a guy do a Triple Diffie Helman at the Coney Island pier years ago...
Please, do tell!
@@tabaks Oh! Did you see a gu (black hoodie, very sad look) sitting on the edge of the pier, throwing himself into the sea, while talking to an imaginary friend?
I LOVE how Dr. Pound explains stuff in lay people terms.
Very informative! Didn't knew end-to-end is so complicated!
I think the only people who follow this guy already know the subject.
Thanks for making this video. I'm always looking for better ways to try and explain the Signal Protocol to other people, and this makes an excellent starting point. I've personally focused so much on the ratcheting process (hopefully to be covered well in the next video) that I've almost forgotten about the nuances of the session setup process.
Zucc disapproves.
Well that Zuccs...not!
That's generally a sign you're doing it right
This aged well
@@saneyarkhazin7671 always has been
@@saneyarkhazin7671 messenger's end to end is a joke compared to signals. they still store all their keys on the meta servers so the point of the encryption is basically moot for user privacy
So there's only a finite amount of backlog messages that the server can receive for me when I'm offline, since there's a finite number of one-time keys that it has for me?
Yes, that is correct. Whatsapp and Signal use the open source libsignal library developed by Wisper Systems, at first glance it looks to me like the documentation on how to use libsignal suggests to create a 100 pre-keys.
Signal
Anyone after new terms of WhatsApp?
Yep today's moving day 😄
@@kwadwoamponsah F1ck whatsapp
the two dislikes are from some men in the middle
u r wrong there r 12 of them now!
@Fahim Saharaiar, what can I say?!... other than I spoke too soon...
Andrei Macaria u rong the r 18 of the now!!!¡
Andrei Macaria, one of them being Mark Zuckerberg
@@Not.Your.Business How about this there are "dislike-number number of dislikes!" Ha, can't prove me wrong now!
Why is it called triple Diffie-Hellman if it uses four Diffie-Hellmans?
what about group chats? How are encryption keys generated in a group chat. What happens when you add a member or remove a member from the group. Does the whole key change? This would make a very informative video
i have a question: what happens in group messaging? like in whatsapp groups? if everyone is end-to-end encryped with everyone how can i read what happens between 2 group members?
As far as I know, in my own words, you include all the public keys of your friends in the encrypted message so that it can be opened by them. As i see it, the more people your message is directed to,the more vulnerable it is.
@@ΕρμήςΔούλος absolutely!
Guys Frankly Telling You I have been using Signal Private messenger for almost One years , its Really working Awesome , Finally I I found my personal data privacy and security with Signal private messenger
Thanks to Signal team, they made privacy easy
@@jimsstek5567 man you got paid for this? Whatsapp also uses e2e encryption confirmed by OWS, so who cares about alternatives
@@hampelmann5804 why not? Signal messenger developer are the same team that develop signal protocol.
Dr. Pound. What a name.
me before watching: I will build the most secure messaging application which is ever built.
me after watching: I will use caesar cipher
Ah yes, I like you, simple and effective, no need for all this Diffie-Iffy nonsense
The protocol has been extended to support "multi-device" on whatsapp, it might be super interresting to learn how that changes the game, how it is still possible to verify each other ver-changing bundle of devices on each end of the line and what prevents new rogue devices to be forefully "added" to people bundle, as well as how to device enrollement is secured.
and multi-device on Signal itself too! It's amazing how messages can securely sync between my phone and PC
Signal needs to be more popular, I hate using messenger, sms to communicate with friends.
so make it more popular?
Pretty easy thing to say, hard thing to accomplish.
It was somewhat of a battle to have the majority of my family to install Signal (they still only use it to communicate with me, otherwise they use WhatsApp) convincing friends was/is nearly impossible.
After the last Facebook scandal some of them installed Signal, but still only fraction.
Awesome video. Would appreciate one on the KDF.
Who else is watching this in 2021? suddenly super relevant!
Usually you will be prompted forced to use a different means of identification, typically your cell number, when you register, and the app will verify this by sending you a message via your mobile network. This is also an out of band identity verification. It is somewhat compromised by burner phones which are now also (cheap) smart phones...
I would love to see outtakes of these videos :D
One day, the University of Nottingham will run out of dot matrix printer paper, and there will be no more Computerphile videos. And then we'll all be sad. :(
Oh boy this video is gonna blow up now again
Talk about the double ratchet!
He's a really great teacher.
Bring forth the true Signal Protocol!
Hi amit from india active user of Signal Private Messenger. The messenger is awesome because it offers me full control over my messages. The best part is that it has a lot of advanced features like 'disappearing messages', 'screen lock', 'incognito keyboard', 'read receipts', 'message trimming' etc.
If Android and iOS are keylogging or the application installed is doing keylogging it does not matter if the data is encrypted when transferred out of your phone because at the side you clear text is encrypted and sent to the total surveillance network...
That was actually mentioned in their End to End Encrytion video: something along the lines of "end to end encrytion is secure enough that attacking the endpoints is easier/it doesn't prevent someone from taking your phone and reading your messages".
Say I install Eve's app. It generates a keypair for me and uses that to encrypt my messages to Bob. Nothing's stopping Eve from just decrpyting my messages.
That's the problem with this app-based world. People aren't supplying their own keys. If the app and the servers and the key generators are all owned by the same person, your privacy is fully at the whim of Eve.
Thanks for sharing this amazing explanation!
I'm feeling very thick after listening to this...
Shouldn't it be possible to do key exchange for a new contact with a one-time message over the phone network, skipping the privately owned server? Then you could verify each other based on the phone number.
So, ”security codes” are the PGP equivalent of sharing key fingerprints in person. Is there something similar to a web of trust (or a “strong set”) in Signal?
Not really. Key transmission is handled by the server.
@@durnsidh6483 Just like PGP and keyservers. People don't exchange their public keys, just the fingerprints. Which are very similar to these codes.
@@Lysergesaure1 But people don't sign each others keys, so there is no way to build a web. It's technically possible to sign other people's keys using a somewhat contrived signing algorithm that's used to sign the SPK's, but in terms of the apps functionality, no.
So to ensure IP_kB belongs to Bob, you had to do it out of band, most likely meeting in person. Then, why not just form a shared key, or a sequence of shared keys at that point? I guess the advantage of doing it this way is so that the OP_kB can be updated with more keys without meeting out of band again after the first time...
Everywhere I go, Alice and Bob have been there first.
Thanks for the explanation!
The Matrix protocol (and the Riot messenger) is my choice!
@Ellaine It does bridging. If you want to look witty at least look at their website.
@@no-defun-allowed Federation is a form of distribution. Do you mean peer-to-peer?
Dr. Mike mentioned Signal in 2018, how cool is that?
Why not just use Bob's public key to encrypt the messages? To mitigate the problems of private keys being leaked?
I'm a bit confused by what you're suggesting here?
because (from what I gather) there is no RSA/DSA protocols being used here, just diffie hellman which only create symetric keys.
graymalkinmendel: That was one possible answer I was thinking, even with RSA you get problems (asymmetric key encryption tends to be more computationally expensive than symmetric) but it’s really ambiguously worded and I’m not sure what they mean by mitigating the risk of leaking private keys...
How does the protocol work for multiple devices? Like Whatsapp Web or the signal desktop app?
By scanning the QR code you set up a secure connection between the browser/desktop app and the content of your message is then sent to the app on your phone, from where it is sent as a normal message.
@@philips9042, you can use Signal on Desktop without having your phone turned on.
The safety number isn't generated by a hash function. It's actually just the concatenation of a part of each party's identity key fingerprint (lesser part first). You can check this for yourself by comparing your safety numbers from two different conversations. Half of the digit string will be the same in every conversation on your phone. That half corresponds to your identity key.
Matt Whitlock - To his credit, he did make clear it wasn't literally a hash. The analogy was apt.
The fingerprint is literally a hash of a public key, though. What's unclear (deliberately) is that there are two, sorted for consistency.
@@0LoneTech Right. It's the concatenation of two (truncated) hashes, not the hash of a concatenation.
So I assume we would have one pre-key bundle for each conversation, is that right?
Major key alert 🔑
Ans another one 🔑
Guys could you do it a video on RSA? It would be interesting to see how it is used in the real world (with real examples), and also I am doing a project on it so it would be really helpful :D
I have a great idea for total private communications. I hate to say it here for fear it may get stolen, but I'm going to say it anyway. What if we started a business where we wrote things on paper and took them to a place where a person would deliver it to the person you're reaching out to. We could charge for each paper delivered, kinda like Uber but for papers.🤔
Unless you send the courier with an encryption key that will unlock another encryption key that was sent via unsecure chat.
1:52 How does that work? does Bob produce a second public key and encrypt it with the private key from the identity key?
Hey, I got a bit lost around 8:30, where you are talking about how the server combines the two identity keys. I don't quite understand how that helps ruling out man-in-the-middle attacks. Shouldn't we also incorporate the signed versions and and check them? Cheers
Please consider allowing automatic captioning. Thank you!
private key and public key both are generated by the app, it mean app knows how to generate the private key and all the terminology, it is possible to break this encryption by that creator who make the app or who have all the control , is that not true generating the keys by the app may be store in the server at that time
Is this the same concept as secure business communications with public and private keys, and if not how do does one go about learning this thanks.
Have you figured out how to learn it yet?
Wow. So informative I had to join
It may be safe against other parties doing the MITM attack, but nothing stops the actual service(For example WhatsApp) to do MITM on the messages. The only way to verify is with the "security key", but nothing is stopping WhatsApp from just generating a number, sending it to both phones and displaying that number.
Can there be a video on Telegram's MTProto?
What's the difference between the safety number and a siganture?
So if I understand this correctly if there is a man in the middle, the safety numbers will not match up, and if they do, there is a guarantee that there is no such attack? A man in the middle could also only drop and replay messages, but not read them due to the encryption, correct?
Oooo sneak preview of the next episode in the end credits
Hypothetically speaking, if the client is not open source and installed from source itself and we do not verify the safety number off the band, people controlling Signal could man in the middle attack us if they were so inclined. Thankfully we can install from source and also verify the safety numbers so its not an issue. Again hypothetically speaking Signal servers could be setup such that it only attempts man in the middle attack from Playstore but not the ones installed from source. Please correct me if I have misunderstood the way this works.
Signal does this key exchange for every message, right? Is it possible to only do the key exchange once or to do it via SMS (no server)? I miss being able to text without data.
Via sms? Lol
@@0xkslkdedcs5 They keys are just text so you could send them over sms, no?
@@MarcelRobitaille seems some Encrypted SMS apps do exists, but not very popular.
Do a video on the matrix protocol!
Also, does the security number prevent a man in the beggining attack, where somone hijacks the initial handshake with the server?
It does not prevent it but the safety number verification will fail if someone did an active man in the middle attack on your initial handshake.
For usability reasons Signal and most other end to end encrypted messengers use the trust on first use (tofu) principle. They assume that there was no active man in the middle attack on the initial handshake and even in the case of new handshake which is usually triggered for benign reasons, e.g. a new phone, they just notify you in the conversation view.
For highly sensitive conversations you should always verify the safety number out of band before you trust the communications channel.
And, that's how it came to be that Bob's your uncle and Alice you aunt!
What does the multiple DH do that isn't already achieved by Bob and Alice signing each of his ephemeral public keys and destroying the ephemeral private keys after one use?
I believe it helps to make sure the server is not a man-in-the-middle.
A technical explination for how SIMP's work
Who has come here after Whatsapp privacy policies change?
just answer me one question if the signal is open source then how it can be end-to-end encrypted ???
The two are unrelated. Open source just means that the code is freely available, but the code doesn't include these encryption keys, it only contains the functions which generate them.
It's like the difference between publicly saying "we have a secret password" (making your "code" open source) and actually saying what the password is (giving up your "encryption key")
A question for you:
Why can't we just open whatsapp-web and do whatsapp on the computer without an internet connection on the phone?
Because of exactly this, the encryption means the messages must go via your phone, hence the name 'end-to-end'. Your phone is one end, the other persons is the other end.
@@JoshUnwin, but you can use Signal on Desktop without having your phone turned on.
Anyone after change in WhatsApp Privacy Policy & everyone switching to Signal and Telegram?
I am not sure if "WhatsApp" was there in the video title earlier :\
how does alice receive the identity key of bob, isnot private key supposed to be kept with him only? @ 3:30
What were you working on that necessitated drawing a block of wood on the whiteboard?
We are using MyChat enterprise messenger at the office. It does not require a phone number and can work without the Internet. Perfect for us for now. It also has own server, so... heck no more public messengers :D
The real question is how do you know that the app for Signal/WhatsApp/Facebook isn't secretly forwarding on your private keys?
Signal is open-source
Lol people say "X is open-source" like it means something.
All it means is that I could theoretically go and read the source code. But a) I never, ever, *ever* do that, and b) even if I did, I wouldn't understand any of it. Signal could be making a plain-text copy of every single message I send, and I wouldn't be able to tell.
Of course you can say no worries, you *did* read the source code, and you *are* well-equipped to understand every line of it, and you saw no problem with it whatsoever. But that just puts us right back to square one. Who are you and why should I trust you. For all I know you're the one receiving all those plain-text copies of my messages.
Some people lose their time reversing engendering software to see what it is doing (is not that hard). I use wapp over signal because is more popular, if it was doing something that it shouldn't we would already know
@@stefanpruna7935 knowing that the source code is the same as the binary is non-trivial though.
@@whoami13__ not if they put a bit of work into it. Passing along the keys occasionally with regular traffic to the Signal server wouldn't be hard to hide.
4 years and the next part is still "coming soon"...
At 5:53 I didn't got which keys are used to perform Diffie-Helman?
for 1:
a = IPKA (Private) ?
b = SPKB (Private) ?
g = IPKA (Public)?
n = SPKB (Private)?
So the Public Keys from the Pre-Key-Bundle are used as the public variables?
Is that the Idea?
How about the new packet protocol from Google that’s about to become a new standard for internet traffic?
Monothefox
What protocol would love if you know ...
Put a link or say the name of the protocol at least ...
@@ko-Daegu I think he is talking about QUIC
RCS?
@@GitarrenSchlepper which now is HTTP/3.
Monothefox, how about more information, less drama?
The main aim of Signal App is the end-to-end encryption that means no one can intercept and read your messages.
@Polaris431if that is possible then underlying cryptographic algo has already failed meaning that all locks are now broken not only Signal's
Neat stuff but can we talk about what's happening on that whiteboard? I see a line formula the rest doesn't seem to correlate...
Maybe I missed something obvious, but what does that safety number prove? Can't *anyone* see the public identity keys, meaning other people might have it as well, since it was generated in a deterministic way (since you both ended up with the same key)?
Jane Weber It proves the server hasn't lied about your two identity keys, because both phones have the same value of Alice's id key and Nob's id key. But this is still inferior to PGP where you can gather friend-of-a-friend identity proofs and don't need to pre-deposit a pool of single use keys on the server. The only advantage seems to be that Bob destroys his single use decryption key after use so the key cannot be extracted from his phone later, because he knows he won't need it for some future message from Charlie.
How do these guys know everything.
By watching this channel. duh.
Is the append symbol a plus sign not double pipe?
We now provide mobile numbers for signal app verification without having to share your personal information. A Simvacy number acts as your digital identity and protects your personal details and privacy.
you've killed my trust on the messaging communications hh
@Computerphile You could explain Matrix (matrix.org)
How do we know if the safety number itself is even generated correctly?
Tnx 👍👍👍👍👍👍👍👍👍👍
what does this give over simply using OpenPGP?