Many Nostr users know that the Signal protocol is a very secure end-to-end encryption protocol, recommended by Snowden. However, many people do not know why the Signal protocol is secure. In fact, the design of the Signal protocol has a historical basis and is very intuitive and simple.
End-to-end encryption protocols have gone through three key stages: the PGP (Pretty Good Privacy) protocol of the 1990s, the OTR (Off The Record) protocol of the 2000s, and the Signal protocol of the 201x.
PGP achieved end-to-end encryption through public key encryption. But if a private key leaks, all [past and future] messages can be decrypted. No [forward secrecy] and [backward secrecy].
[[In the PGP protocol, the identity key and the encryption key are the same; it serves as both the identity and is used to encrypt messages.]] [[As an identity key, it is a long-term key, and the longer it is used, the greater the likelihood of private key exposure.]]
The OTR protocol solves the problem of PGP. Its approach is simple: [[it separate the identity key from the encryption key and generates a unique encryption key for each conversation, which is deleted after use.]]
The Signal protocol inherited ideas from the OTR protocol. It mainly consists of two parts: the X3DH protocol, which is responsible for the initial key agreement, and the Double Ratchet Algorithm, which is responsible for deriving encryption keys. [[The Signal protocol derives a new encryption key for each message, which is deleted after use.]] It achieved better forward and backward secrecy.
BTW, the Signal protocol is not equivalent to the Signal app. WhatsApp also uses the Signal protocol for end-to-end encryption. The Signal protocol is only responsible for the end-to-end encryption of messages, meaning only the communicating parties can decrypt the content, not even the server administrators.
nice brief writeup on the evolution of message privacy.
OTR taking me back to the underground forums of yesteryear...
nostr:nevent1qqsy55gyxt04lja8p8va07mx9f4eymq9w2nacr20d3kfem4jxu6g9fgprdmhxue69uhkummnw3ezuur0wf6x2mt0dejhymewvdhk6q3qh0uj825jgcr9lzxyp37ehasuenq070707pj63je07n8mkcsg3u0qxpqqqqqqzypgegk
This post looks like it was written in Obsidian.