Many of us (or at least me) would probably like to see Signal getting decentralized. Here are a few thoughts I had about this recently.

First let me define three persons:

  • Peter (using the official signal.org instance)
  • Ted (using the example.com instance)
  • Andrew (using his own instance under andrew.chat)

Couldn’t we use the upcoming username feature to build a decentralized signal network? For example with a modified client or maybe just a modified libsignal library we could parse the instance from the username which would look like an email address (ted.42@example.com or andrew.62@andrew.chat). If the username doesn’t have a domain part it just uses the default instance (so Peter just has the username peter.94).

Maybe we have some people here who are already familiar with the Signal codebase and willing to assist?

EDIT: Yes I know Session and Matrix exist but Session is to extreme and technical and Matrix is more focused on communities and groups which aren’t even encrypted. Besides that both of them have a much smaller userbase compared to Signal.

  • Chris Ely@fosstodon.org
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    10 months ago

    That’s a fair criticism. I prefer using Session with better multiple device support and without waiting for Signal to finally stop using phone numbers.

    When using either, disappearing messages should be enabled.

    The part about PFS falls down, for me, when you assume both that keys can be cracked in some shorter than normal time-frame, and that the new key (per message, or less often) won’t also be cracked quickly.

    @KLISHDFSDF

    • ᗪᗩᗰᑎ
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 months ago

      The part about PFS falls down, for me, when you assume both that keys can be cracked

      The argument doesn’t hold because its known that keys aren’t 100% secure [0]. This is why recommended key algo’s and lengths are constantly changing and increasing in size because either they’re found to be weak and/or compute has increased to the point where, although it may not be easy, it’s still a possibility for someone with enough resources to break. And again, at least on the Signal side, they’re left with having to decrypt every single message, where with Session, one key gets you access to everything.

      I do agree that disappearing messages should be enabled for maximum security.


      [0] See page 54 in this PDF -> nvlpubs.nist.gov for what NIST recommends for key length and specifically note the caveat that:

      The security-strength estimates will be significantly affected when quantum computing becomes a practical consideration.

      Page 62 further presses the point:

      At some time, the security strength provided by an algorithm or key may be reduced or lost completely. For example, the algorithm or key length used may no longer offer adequate security because of improvements in computational capability or cryptanalysis.