top | item 45455146

(no title)

pelzatessa | 5 months ago

This is actually disturbing, as the article suggests that all previous messages sent using Signal are decryptable with quantum computers. If there are people with, for example, selfhosted mailservers sending PGP encrypted emails to each other, then, while they have to worry about them not leaking out from the server either by someone hacking to it or someone sniffing the traffic with the encrypted messages beforehand, they know for sure that their messages are safe.

Meanwhile Signal users have been sending messages onto signal servers for years now, as far as I know they aren't sent directly through some p2p protocol. I don't know what their policy is about storing messages, and I believe that they have a lot of other countermeasures, but it still points to the problem with Signals centralized nature.

discuss

ale42|5 months ago

As far as they say, messages are deleted once delivered, or retained up to 45 days if not:

   Devices are always retrieving messages from their mailbox when they are 
   online, and as soon as the device confirms they’ve gotten a message, it is 
   deleted from the Signal servers.

   If a device has been offline for a while, it may have a lot of messages 
   waiting in its mailbox when it returns. Today, Signal will hold a message in 
   a device’s mailbox for up to 45 days, giving an idle device a chance to wake 
   up and fetch it.

(source: https://signal.org/blog/a-synchronized-start-for-linked-devi..., dated Jan. 2025)

pelzatessa|5 months ago

It is possible for them to say that they deleted the messages without actually deleting them though. One has to trust a pretty big company in order to not worry about the messages actually not being stored anywhere.

I'm not aware of all techniques that Signal uses to somehow make the message anonymous even when if the encryption would have been broken, but sealed sender seems to be one of them:

https://signal.org/blog/sealed-sender/

So at least there's that. Unless the encrypted sealed sender messages aren't somehow being fingerprinted by the IP address of client and the timestamps of connections. Signal probably also says that they don't log these, but with self hosted mailserver I wouldn't have to trust them on that too.

633212490|5 months ago

Using PGP over self-hosted email servers won't help you against a post-quantum adversary. While people have discussed post-quantum extensions to PGP, it doesn't exist yet. Similarly, while post-quantum TLS _does_ exist, it was only just implemented in OpenSSL; I doubt Postfix supports it yet.

So you're in an even worse post-quantum situation with email, even if you end up with TLS-encrypted PGP-encrypted messages, you're still not post-quantum secure.

pelzatessa|4 months ago

My point is that to this date everyone was not post-quantum secure, and only the people whom had their messages stored on their servers only can be sure that someone won't read their contents.

Also PGP emails were just an idea that seemed the most basic for me to illustrate an example of selfhosted encrypted messaging. Probably they lack more security features than just post-quantum, compared to the other messengers anyway :)

unknown|5 months ago

[deleted]

palata|5 months ago

> If there are people with, for example, selfhosted mailservers sending PGP encrypted emails to each other

In good approximation, nobody does that.

pelzatessa|4 months ago

Yeah, that's true. If they did though, then I think that they'd be more secure than with Signal, at least in this certain aspect of message storage.

FergusArgyll|4 months ago

Why do you need the mailserver to be self hosted? just pgp encrypt client side

pelzatessa|4 months ago

In the scenario with mailservers with PGP encrypted messages I did intend the messages to be encrypted client side, perhaps it was not clear enough. When I selfhost my own server (and my trusted friend selfhosts his), I can be completely sure that the encrypted messages will not be dumped either through storage or while relaying them. If sent PGP end-to-end encrypted messages through, say, gmail, then I'm not 100% sure that gmail won't store these messages somewhere and decrypt them whenever quantum computing becomes available for them.