From 41dd22012f58f7d32b661991264b61030a5f7b18 Mon Sep 17 00:00:00 2001 From: Jonah Aragon Date: Wed, 8 Nov 2023 18:45:00 -0600 Subject: [PATCH] Add Signal username information (#2079) --- docs/real-time-communication.md | 52 +++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 19 deletions(-) diff --git a/docs/real-time-communication.md b/docs/real-time-communication.md index 3a4c2c5f88..d351a2e009 100644 --- a/docs/real-time-communication.md +++ b/docs/real-time-communication.md @@ -20,9 +20,7 @@ These messengers are great for securing your sensitive communications. ![Signal logo](assets/img/messengers/signal.svg){ align=right } - **Signal** is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. - - All communications are E2EE. Contact lists are encrypted using your Signal PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts you chat with. + **Signal** is a mobile app developed by Signal Messenger LLC. The app provides instant messaging and calls secured with the Signal Protocol, an extremely secure encryption protocol which supports forward secrecy[^1] and post-compromise security.[^2] [:octicons-home-16: Homepage](https://signal.org/){ .md-button .md-button--primary } [:octicons-eye-16:](https://signal.org/legal/#privacy-policy){ .card-link title="Privacy Policy" } 
@@ -39,7 +37,18 @@ These messengers are great for securing your sensitive communications. - [:simple-apple: macOS](https://signal.org/download/macos) - [:simple-linux: Linux](https://signal.org/download/linux) -Signal supports [private groups](https://signal.org/blog/signal-private-group-system/). The server has no record of your group memberships, group titles, group avatars, or group attributes. Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender/) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server. Sealed Sender is only enabled for people in your contacts list, but can be enabled for all recipients with the increased risk of receiving spam. Signal requires your phone number as a personal identifier. +Signal requires your phone number for registration, however you should create a username to hide your phone number from your contacts: + +1. In Signal, open the app's settings and tap your account profile at the top. +2. Tap **Username** and choose **Continue** on the "Set up your Signal username" screen. +3. Enter a username. Your username will always be paired with a unique set of digits to keep your username unique and prevent people from guessing it, for example if you enter "John" your username might end up being `@john.35`. +4. Go back to the main app settings page and select **Privacy**. +5. Select **Phone Number** +6. Change the **Who Can See My Number** setting to: **Nobody** + +You can optionally change the **Who Can Find Me By Number** setting to **Nobody** as well, if you want to prevent people who already have your phone number from discovering your Signal account/username. + +Contact lists on Signal are encrypted using your Signal PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts you chat with. 
Signal supports [private groups](https://signal.org/blog/signal-private-group-system/), where the server has no record of your group memberships, group titles, group avatars, or group attributes. Signal has minimal metadata when [Sealed Sender](https://signal.org/blog/sealed-sender/) is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server. Sealed Sender is only enabled for people in your contacts list, but can be enabled for all recipients with the increased risk of receiving spam. The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf) in 2016. The specification for the Signal protocol can be found in their [documentation](https://signal.org/docs/). 
@@ -100,13 +109,13 @@ The client software was independently [audited](https://briarproject.org/news/20 Briar has a fully [published specification](https://code.briarproject.org/briar/briar-spec). -Briar supports Forward Secrecy by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol. +Briar supports forward secrecy[^1] by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol. ## Additional Options !!! warning - These messengers do not have [Forward Secrecy](https://en.wikipedia.org/wiki/Forward_secrecy), and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications. + These messengers do not have forward secrecy[^1], and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications. ### Element 
@@ -137,7 +146,7 @@ Profile pictures, reactions, and nicknames are not encrypted. Group voice and video calls are [not](https://github.com/vector-im/element-web/issues/12878) E2EE, and use Jitsi, but this is expected to change with [Native Group VoIP Signalling](https://github.com/matrix-org/matrix-doc/pull/3401). Group calls have [no authentication](https://github.com/vector-im/element-web/issues/13074) currently, meaning that non-room participants can also join the calls. We recommend that you do not use this feature for private meetings. -The Matrix protocol itself [theoretically supports PFS](https://gitlab.matrix.org/matrix-org/olm/blob/master/docs/megolm.md#partial-forward-secrecy), however this is [not currently supported in Element](https://github.com/vector-im/element-web/issues/7101) due to it breaking some aspects of the user experience such as key backups and shared message history. +The Matrix protocol itself [theoretically supports forward secrecy](https://gitlab.matrix.org/matrix-org/olm/blob/master/docs/megolm.md#partial-forward-secrecy)[^1], however this is [not currently supported in Element](https://github.com/vector-im/element-web/issues/7101) due to it breaking some aspects of the user experience such as key backups and shared message history. The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last) in 2016. The specification for the Matrix protocol can be found in their [documentation](https://spec.matrix.org/latest/). The [Olm](https://matrix.org/docs/projects/other/olm) cryptographic ratchet used by Matrix is an implementation of Signal’s [Double Ratchet algorithm](https://signal.org/docs/specifications/doubleratchet/). 
@@ -167,11 +176,11 @@ The protocol was independently [audited](https://matrix.org/blog/2016/11/21/matr Session allows for E2EE in one-on-one chats or closed groups which allow for up to 100 members. Open groups have no restriction on the number of members, but are open by design. -Session does [not](https://getsession.org/blog/session-protocol-technical-information) support PFS, which is when an encryption system automatically and frequently changes the keys it uses to encrypt and decrypt information, such that if the latest key is compromised it exposes a smaller portion of sensitive information. +Session was previously based on Signal Protocol before replacing it with their own in December 2020. Session Protocol does [not](https://getsession.org/blog/session-protocol-technical-information) support forward secrecy.[^1] -Oxen requested an independent audit for Session in March of 2020. The audit [concluded](https://getsession.org/session-code-audit) in April of 2021, “The overall security level of this application is good and makes it usable for privacy-concerned people.” +Oxen requested an independent audit for Session in March 2020. The audit [concluded](https://getsession.org/session-code-audit) in April 2021, “The overall security level of this application is good and makes it usable for privacy-concerned people.” -Session has a [whitepaper](https://arxiv.org/pdf/2002.04609.pdf) describing the technicals of the app and protocol. +Session has a [whitepaper](https://arxiv.org/pdf/2002.04609.pdf) describing the technical details of the app and protocol. ## Criteria 
@@ -181,17 +190,22 @@ Session has a [whitepaper](https://arxiv.org/pdf/2002.04609.pdf) describing the We are working on establishing defined criteria for every section of our site, and this may be subject to change. If you have any questions about our criteria, please [ask on our forum](https://discuss.privacyguides.net/latest) and don't assume we didn't consider something when making our recommendations if it is not listed here. There are many factors considered and discussed when we recommend a project, and documenting every single one is a work-in-progress. -- Must have open-source clients. -- Must use E2EE for private messages by default. -- Must support E2EE for all messages. -- Must have been independently audited. +- Has open-source clients. +- Does not require sharing personal identifiers (phone numbers or emails in particular) with contacts. +- Uses E2EE for private messages by default. +- Supports E2EE for all messages. +- Has been independently audited. ### Best-Case Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page. -- Should have Forward Secrecy. -- Should have open-source servers. -- Should be decentralized, i.e. federated or P2P. -- Should use E2EE for all messages by default. -- Should support Linux, macOS, Windows, Android, and iOS. +- Supports Forward Secrecy[^1] +- Supports Future Secrecy (Post-Compromise Security)[^2] +- Has open-source servers. +- Decentralized, i.e. [federated or P2P](advanced/communication-network-types.md). +- Uses E2EE for all messages by default. +- Supports Linux, macOS, Windows, Android, and iOS. + +[^1]: [Forward Secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is where keys are rotated very frequently, so that if the current encryption key is compromised, it does not expose **past** messages as well. 
+[^2]: Future Secrecy (or Post-Compromise Security) is a feature where an attacker is prevented from decrypting **future** messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties, since they lose access as soon as a key exchange occurs that is not intercepted.
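Review bot: in the Signal card hunk (@@ -20,9 +20,7 @@), the rewritten description drops the explicit sentence "All communications are E2EE." and nothing later in the patch restores it. The contact-list and profile sentences from the same removed line are moved further down, but this one is not. The criteria at the bottom of the page are worded in terms of E2EE, so keep an explicit statement here instead of leaving it implied by "secured with the Signal Protocol". "An extremely secure encryption protocol" is also an unqualified superlative; the two footnoted properties already say what is meant, so "which supports forward secrecy[^1] and post-compromise security[^2]" can stand on its own. Footnote markers are placed after the period here and in the Session hunk, but before the punctuation in the Briar, warning and Element hunks; pick one placement.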
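Review bot: the username steps added in the hunk at @@ -39,7 +37,18 @@ never state whether your phone number is visible to contacts before the setting is changed, so a reader cannot tell if steps 4 to 6 are required or only a precaution. This matters because the same patch adds the criterion "Does not require sharing personal identifiers (phone numbers or emails in particular) with contacts"; one sentence before the list saying what contacts see by default would close the gap. The removed line ended with "Signal requires your phone number as a personal identifier." and the replacement narrows that to "for registration", which is worth confirming is intended. Smaller points: steps 5 and 6 lack the closing period that steps 1 to 4 have, "registration, however you should" is a comma splice, and step 3 runs two sentences together at "guessing it, for example if you enter".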
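Review bot: in the Element hunk (@@ -137,7 +146,7 @@), the link text changes from "PFS" to "forward secrecy" while the target is still megolm.md#partial-forward-secrecy, so the sentence now claims more than the linked section's own title. Suggest "theoretically supports partial forward secrecy". The warning admonition edited in the preceding hunk says these messengers "do not have forward secrecy[^1]", which reads as a contradiction next to "theoretically supports"; a few words tying the two statements together (protocol capability versus what Element ships) would help.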
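Review bot: the sentence added in the Session hunk (@@ -167,11 +176,11 @@), "Session was previously based on Signal Protocol before replacing it with their own in December 2020.", makes a dated factual claim with no source; the only link in the paragraph is on the word "not" in the following sentence. Add a link for the December 2020 change, or move the existing getsession.org link so it covers both sentences if that post supports both. "Previously ... before" is redundant, and "their own" has no clear antecedent; something like "Session was based on the Signal Protocol until December 2020, when it was replaced with the Session Protocol" reads more cleanly.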
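Review bot: terminology is inconsistent between the criteria hunk (@@ -181,17 +190,22 @@) and the rest of the patch. The Signal card uses "post-compromise security[^2]" in lowercase, while the best-case list and footnote use "Future Secrecy (Post-Compromise Security)", and "Forward Secrecy" is capitalized here but lowercase everywhere else in the patch. Choose one primary term and one capitalization so the footnote matches the text that cites it. In the best-case list, the first two items have no closing period while the rest do, and "Decentralized, i.e. ..." is the only item that does not start with a verb. In footnote [^1], "it does not expose **past** messages as well" is ambiguous because of the trailing "as well"; "past messages are not exposed" says the same thing. Dropping "Must" and "Should" also removes the wording that separated required from best-case items, leaving the headings to carry that distinction alone.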