Open Whisper Systems announced this week that it’s working on a new private contact discovery service for its privacy-focused communications app Signal.
Signal has become highly popular with individuals who value their privacy, and it was recently approved even by the U.S. Senate for official use by staff members.
While communications through Signal are protected against both hackers and government snooping, there is one feature that can still be improved from a privacy standpoint, namely contact discovery.
Currently, when a user signs up for Signal, the phone numbers in their device’s address book are compared to entries in a database on Open Whisper Systems servers to determine which contacts use the messaging app. While the verification relies on truncated SHA256 hashes of the phone numbers and not cleartext data, these hashes can in most cases be cracked.
In theory, this should not be a problem as Open Whisper Systems does not log contact discovery requests and makes the Signal source code publicly available in order to prove it. However, there is always the possibility that someone – including hackers or a government agency – modifies the code on Signal servers and starts logging contact discovery requests.
In order to prevent this, Signal developers have been trying to find a way to implement truly private contact discovery. The solution seems to lie in Intel’s Software Guard Extensions (SGX) technology.
Intel SGX allows application developers to protect certain pieces of code and data from disclosure or modifications by placing them in a secure area of execution in the memory called an “enclave.”
Signal developers have been working on running a contact discovery service in such an SGX enclave. When the client performs contact discovery, encrypted identifiers from the address book are transmitted over a secure connection directly to the enclave running the discovery service. The service looks up the contact information in the database of registered users and the results are sent back to the client in an encrypted form.
Another important security feature provided by SGX is that it supports what is called “remote attestation.” Remote attestation allows the client to ensure that the code running in the enclave is as expected – in Signal’s case, it ensures that the code from the enclave is the same as the source code made public by Open Whisper Systems.
“Since the enclave attests to the software that’s running remotely, and since the remote server and OS have no visibility into the enclave, the service learns nothing about the contents of the client request. It’s almost as if the client is executing the query locally on the client device,” explained Moxie Marlinspike, the founder of Open Whisper Systems.
While this sounds like a straightforward process, there are many challenges that Signal developers need to overcome. The private contact discovery service is currently a beta technology preview, but Open Whisper Systems hopes to have it integrated into clients in the next few months.
In the meantime, the source code for the private contact discovery service can be analyzed by anyone.
The use of Intel’s SGX technology can have many benefits, but researchers demonstrated recently that it can also be abused for malicious purposes. A team from an Austrian university showed in March that malware running on SGX can attack the host and extract RSA private keys.