> The audio stream is encrypted with the SRTP protocol, with DTLS-SRTP being used for the key exchange. The certificates used for the DTLS session are cryptographically linked to the keys used for Threema’s end-to-end encryption by means of including the certificate fingerprints in signaling messages. DTLS version 1.2 is enforced.
From the Whitepaper: "Due to the inherently asynchronous nature of mobile messengers, providing reliable Forward Secrecy on the end-to-end layer is difficult. Key negotiation for a new chat session would require the other party to be online before the first message can be sent."
That's not a problem for voice calls because voice calls inherently require both participants to be online.
Though I am curious why Signal's approach [0] wouldn't work for Threema.
est31|5 years ago
> The audio stream is encrypted with the SRTP protocol, with DTLS-SRTP being used for the key exchange. The certificates used for the DTLS session are cryptographically linked to the keys used for Threema’s end-to-end encryption by means of including the certificate fingerprints in signaling messages. DTLS version 1.2 is enforced.
throwaway9d0291|5 years ago
That's not a problem for voice calls because voice calls inherently require both participants to be online.
Though I am curious why Signal's approach [0] wouldn't work for Threema.
[0]: https://www.signal.org/blog/asynchronous-security/