So, I’m interested how the implementation of “Perfect Forward Secrecy” in Signal looks like, like does every messages has a different encryption key? or does it change over time like #whatsapp does? I tried to find any official documention of this, sadly did not find anything.
Thats why I’m asking, does anyone of you know smth about this and maybe can provide a link to a official source?
#signal #signalapp #privacy #encryption @signalapp @SignalUpdateInfo @privacy
Diffie-Hellman is only a key exchange protocol and does not provide forward secrecy. Imagine that my and your client figure out our shared secred (key) with DH, then encrypt our chat with that. If someone breaks only a bit of our traffic, then they can read newer messages as well.
https://en.wikipedia.org/wiki/Forward_secrecy
Forward secrecy means that at any point messages are encrypted with keys that aren’t reused forever, which means if an attacker can intercept traffic and read a bit, or crack the encryption, that they don’t automatically get access to our future conversation as well.
The PFS comes from deleting the secret DH parameters after you are done using them.