[messaging] encryption of Signal notification messages
Halil Kemal Taşkın
haliko87 at gmail.com
Tue Feb 23 01:41:40 PST 2016
That's right, the notifications are used to trigger the app to notify there is a new message. These notifications have some properties. So, you can set a payload with the notifications. This payload includes a text data to show what is the content of the incoming message on the notification panel of your partner.
So, as a developer you can write anything here, and that text will be shown on the notification screen.
Considering Apple APNS example, as a client, when you register your app, the phone gets a push token from Apple and submits it to the app's own server (in this case Signal's server). Now the app's server can use this token to send a notification to your device through Apple APNS servers.
Here the end-to-end encryption between users is not the problem. It is still there without problem. But, the message you wrote is also sent to the Signal's app server for push notification and then relayed with your token to the Apple APNS server and the notification is shown on the phone of your partner.
Signal just shows directly the message content (or only part of it because of payloads are limited) itself on the notification payload. This means that your end-to-end encrypted message also has been shown by the Signal's app server and Push notification system. That's the point I want to stresss that this actually damages the idea of end-to-end encryption.
Again, as a summary, there is no problem with the end-to-end encryption here.
But your message is also sent in plaintext for push notification issues.
Halil Kemal TASKIN.
23 Şub 2016 tarihinde 01:02 saatinde, Raphael Arias <arias at in.tum.de> şunları yazdı:
> Hey Halil,
> I think you are severely mistaken in what you claim here. On what are
> you basing these statements?
> As far as I know, the notifications are (at least on some platforms)
> ONLY used to trigger the local app to fetch the end-to-end encrypted
> message from the whispersystems server . Maybe someone else can pitch
> in. This would mean, that the push service does not even get to see the
> *encrypted* message, much less a plaintext version of it.
> If I am actually mistaken here, please enlighten me with a source for
> the things you write.
> Best regards,
>  Moxie has said so in the thread "Re: [whispersystems] Using WebPush
> rather than the Google Services" in the whispersystems mailing list on
> December 4th, 2015:
> Nothing is in the push contents, it's just an empty notification to
> initiate a connection.
>> On 02/22/2016 11:32 PM, Halil Kemal Taşkın wrote:
>> Besides your communication with your partner, there is another issue
>> here; the servers in the middle.
>> Actually, Signal can encrypt everything end-to-end between you and your partner.
>> Here interesting point is the push notification service. So, when you
>> write a message and touch the send button, application mainly does two
>> thing, one is to encrypt the message with the end-to-end encryption
>> protocol signal uses (as expected) and the other one is to send the
>> message itself (as a plaintext!) to the push servers (Apple APNS,
>> Google GCM and even (if used) 3rd party services like Amazon SNS) to
>> show the notification on your partner's screen. This actually damages
>> the end-to-end encryption fashion of the application.
>> And, even if you set your app to not to show the content in the
>> notification center, you dont guarantee that the plaintext text
>> version of your message is sent to the push servers.
>> Halil Kemal TASKIN
More information about the Messaging