Open Whisper Systems, the company behind the encrypted messaging app Signal, is testing a new private contact discovery service that in theory will allow the app to determine if a user has Signal contacts in their address book but forbid its servers from accessing the users’ address book.
Moxie Marlinspike, the founder of OWS and the coauthor of the Signal protocol, said Tuesday the company is experimenting with a feature in Intel chips called Software Guard Extensions, or SGX, to do so.
The technology was initially designed for DRM and fashions a secure enclave of sorts inside the processor, separate from the host operating system and the kernel. According to Marlinspike the SGX enclave can be tweaked to run on the server and reversed to afford a service the ability to “perform computations on encrypted client data without learning the content of the data or the result of the computation.”
The technology should help settle the nerves of privacy-conscious individuals who have long disliked the idea of Signal accessing their contact list to look for Signal users.
Signal has always gone about this in a complicated but relatively secure way. It tabulates the truncated SHA256 hash of each phone number, transmits those to Signal, then Signal does a lookup from that set of hashed users to find legitimate users. Marlinspike says the inherent danger in doing it this way is that the hash of a user identifier can be inverted.
With the new system, which Marlinspike says is still in beta mode, the contact discovery service runs in a secure SGX enclave. Signal’s servers can’t and won’t collect hashes. A secure connection initiates and clients perform something called remote attestation—a feature that cryptographically guarantees the code is running in a remote enclave. The client transmits encrypted contact identifiers from a user’s address book to the enclave, then the enclave looks those up from a set of registered users, encrypts the results, and sends them back to the client.
The service is still in its infancy but Marlinspike calls it not only efficient but scalable, up to more than a billion users.
As the technology is still in the early stages, Open Whisper Systems has made the contact discovery service open source and put its code on GitHub in hopes of soliciting public opinion. Marlinspike says that Signal plans to deploy the service into production and integrate it into clients once developers finish testing it over the next few months.
The news that Signal is working to make itself more privacy-focused comes as popularity over encrypted chat apps such as Signal and WhatsApp has reached somewhat of a fever pitch.
Earlier this spring the U.S. Senate approved usage of Signal for lawmakers and staff in the chamber. Approval to use the app was officially granted back in March but came to light in May after Sen. Ron Wyden (D-Ore.) penned a letter (.PDF) to Frank Larkin, the Senate’s Sergeant at Arms, thanking his office for approving the app. Encryption experts applauded the move at the time but said that extra steps also need to be taken to ensure “civic” infrastructure is equally protected.
Another encryption service, the public key crypto database Keybase brought end-to-end encrypted messaging to apps such as Twitter, Facebook, and Reddit earlier this year. The service let users who have verified themselves with their public encryption key securely chat with other users in February but expanded the chat to other apps via a Chrome browser extension in May. The company released an alpha version of Slack-like team messaging tool, Keybase Teams, last week. All messages through the project, like Keybase, are end-to-end encrypted.
