Protecting Signal Keys on Desktop
“A lone man in a desert trying to understand the inner workings of a computer in the style of Moebius”, by DALL-E.
At SandboxAQ, we recently delved into Signal Desktop to identify how its key management could be improved by using security hardware. Our analysis highlights the need for robust and consistent key isolation services across desktop platforms. In this blogpost,
Signal is an open-source messaging service that implements end-to-end encryption. Its users benefit from best-in-class privacy when communicating online.1 This level of privacy is made possible by the Signal protocol, considered the gold standard of end-to-end encrypted messaging. Its security protocol depends on cryptographic keys handled on-device. For mobile devices, Signal securely stores them in isolated and controlled locations. However, when it comes to desktop, Signal (just like everyone else) must do without OS-provided secure key management capabilities.
It all starts with a Twitter post explaining how an attacker running malware could extract all Signal Desktop’s confidential data and run a clone of the victim’s messaging application. This attack was possible because, although Signal encrypts the local database containing confidential data (including messages and keys), it stored the database decryption keys in plaintext.
