Honors College Thesis

 

A Security Analysis of the Signal Protocol’s Group Messaging Capabilities in Comparison to Direct Messaging Public Deposited

Downloadable Content

Download PDF
https://ir.library.oregonstate.edu/concern/honors_college_theses/df65vf76z

Descriptions

Attribute NameValues
Creator
Abstract
  • Signal is a multimedia messaging application developed by OpenWhisper Systems in 2015 which allows its users to communicate securely between one another through the use of a complex encryption scheme. The set of algorithms used in combination to provide the services of the Signal application to their users is called the Signal Protocol. OpenWhisper Systems has documented the direct (or peer-to-peer)messaging capabilities of the Signal Protocol with great detail and plenty of work has been done in the security analysis of the protocol in a two-party context, as well as group contexts to some extent; however, there is still obscurity behind how the Signal Protocol implements group (or peer-to-group) messaging or and if any differences in Signal's group messaging protocol, compared to direct messaging, could result in the loss of security to any extent. In order to understand the protocol further, we developed a modified Signal application to discover how group messaging operations take place. Through this analysis we were able to discover that the Signal Protocol uses direct messaging to send group messages one at a time instead of sending one message to a server and fanning out messages to the recipients, or by using a customized protocol. Further, we claim that Signal's group messaging implementation has no negative impact on security properties provided to Signal's users, in comparison to direct messaging.
License
Resource Type
Date Issued
Degree Level
Degree Name
Degree Field
Degree Grantor
Commencement Year
Advisor
Committee Member
Non-Academic Affiliation
Rights Statement
Publisher
Peer Reviewed
Language

Relationships

Parents:

This work has no parents.

In Collection:

Items