I absolutely love this! Never understood how we ended up trusting our messengers to not read our messages, instead of just handing them encrypted messages. This makes so much more sense. Now I just need to convince a couple of friends...
The "fairytale mode" is a very fun addition though I wonder how long the messages will become for anything that is long than "Hi Bob"?
Assuming the Bitcoin mining network as a reference to the state of the art:
It would cost around a million US $ just for the cost of the electricity (8 cents per kWh) to impersonate you (1024 bit DSA). That could also lead to a MITM attack.
To attack the encryption directly would take 65 billion $ in electricity alone. So fairly unlikely.
So you would have to ask yourself what your messages are worth should you use OTR...
This approach is a step up from enigma-reloaded[1] which had some copy+paste friction to use. Genius to put it in the android keyboard itself like an enigma machine.
From a quick glance enigma-reloaded doesn't handle key rotation, which is both mandatory beyond toy usage and hard enough that you can't just send new keys manually. This is why pgp still makes sense today
The choice of JSON is strange. The messages aren’t human readable, and message size may be limited (e.g. SMS). Using a compact binary wire format like protobuf could save ~20 bytes per message.
Edit: binary format is of course base64 or more compactly encoded to text in the end.
I would assume it's for compatibility, things like null-bytes aren't generally valid inputs by messaging apps, they could have done base91 or something unicode-based with msgpack/protobuf though
This serves as a demonstration of the futility of destroying E2EE for popular messaging apps. It's a political statement in the same sense that the creation of PGP was.
If or when messaging platforms catch on and block long contiguous strings would the base64 be broken up into random lengths? What other ways might this be blocked and then unblocked?
That's a cat and mouse game messaging platforms would lose. e.g. you can encode arbitrary byte pairs as English words using a 64kword dictionary. Platforms would have to start deciding "does this English looking text make sense?"
I recall seeing a few scripts that do just this but apparently I did not bookmark them or they are named oddly. That might be a nice alternate option for platforms that get finicky about long strings. I recall people saying this would make the text too big but I think it could be cut up into multiple messages especially if the app had an outbound queue and delays to avoid tickling rate limits.
This is good if your threat model doesn't include the phone itself. I built something simliar to this as an external hardware implementation a few years back to deal with the phone itself being rooted:
Been working towards getting it ready for open source release later this year.. password manager, two factor auth, and message encryption accomplished in the external hardware, was the core idea.
- Signal has stated they'll withdraw from the EU rather than cooperate
- That means the app won't exist in the official EU app stores (iOS, etc.). Users will have to load the app on their own (which 95% of users won't do)
- Next, because Signal is no longer providing services, Signal's EU gateways will not be operational. Now your messages are encrypted, but I've no idea if your Signal connects at all, and where (Signal gateways in some Five Eyes country, perhaps?).
tldr; you're still leaking metadata, and now to a country that has no obligation to not track your metadata (your IP, when you sent message, who received message around the same time, etc).
My suggestion would be get a proper decentralized messenger rather than spend time on these workarounds of questionable value.
I always get down-voted for "shilling", so I won't even make any suggestions this time. DYOD!
I can't find any references to 2022/0155(COD) ("Chat Control 2.0") on the Signal website. However, I'm sure their response will be very similar. The EU is being as malicious and deceitful with its proposal as the UK, if not more, and the implications for E2EE are very much the same.
A significant amount of people will go "huh, Signal will only work when my Netflix VPN is on, I wonder why that is". Signal won't just disappear.
In fact, Signal has a network of volunteers running special proxy services[1] to access Signal from countries with oppressive governments. Signal the company may leave, but Signal the app will try to stay relevant for as long as possible.
This is just genius, I love it! As someone already mentioned, more as a political statement than a useful app, let's hope and work towards not really needing it because we will be able to "just use Signal".
34 comments
[ 4.8 ms ] story [ 83.8 ms ] threadThe "fairytale mode" is a very fun addition though I wonder how long the messages will become for anything that is long than "Hi Bob"?
https://otr.im/
Edit: Someone else's blog post about the crypto:
https://dustri.org/b/time-to-sunset-otr.html
OTRv4:
https://github.com/otrv4/otrv4/
It would cost around a million US $ just for the cost of the electricity (8 cents per kWh) to impersonate you (1024 bit DSA). That could also lead to a MITM attack.
To attack the encryption directly would take 65 billion $ in electricity alone. So fairly unlikely.
So you would have to ask yourself what your messages are worth should you use OTR...
[1]: https://enigma-reloaded.github.io/enigma-reloaded/#/
Edit: nevermind: found the „use clipboard to read messages“ line
Edit: binary format is of course base64 or more compactly encoded to text in the end.
There's long been a transparent in-the-background upgrade to MMS when the message gets too big, so this shouldn't be a problem.
Also the key exchange via a not e2ee messenger feels weird.
https://www.anomie.tech/products/anigma/
Been working towards getting it ready for open source release later this year.. password manager, two factor auth, and message encryption accomplished in the external hardware, was the core idea.
- Signal has stated they'll withdraw from the EU rather than cooperate
- That means the app won't exist in the official EU app stores (iOS, etc.). Users will have to load the app on their own (which 95% of users won't do)
- Next, because Signal is no longer providing services, Signal's EU gateways will not be operational. Now your messages are encrypted, but I've no idea if your Signal connects at all, and where (Signal gateways in some Five Eyes country, perhaps?).
tldr; you're still leaking metadata, and now to a country that has no obligation to not track your metadata (your IP, when you sent message, who received message around the same time, etc).
My suggestion would be get a proper decentralized messenger rather than spend time on these workarounds of questionable value.
I always get down-voted for "shilling", so I won't even make any suggestions this time. DYOD!
I'm trying to read more about this but am coming up short. Did you mean the UK? Signal has https://www.signal.org/blog/uk-online-safety-bill/ up, but nothing that I can see on the EU.
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM%3A20...
In fact, Signal has a network of volunteers running special proxy services[1] to access Signal from countries with oppressive governments. Signal the company may leave, but Signal the app will try to stay relevant for as long as possible.
[1]: https://github.com/signalapp/Signal-TLS-Proxy
But otherwise, really cool idea :)