This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles
This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
This article is within the scope of WikiProject Open, a project which is currently considered to be inactive.OpenWikipedia:WikiProject OpenTemplate:WikiProject OpenOpen articles
This article is within the scope of WikiProject Technology, a collaborative effort to improve the coverage of technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.TechnologyWikipedia:WikiProject TechnologyTemplate:WikiProject TechnologyTechnology articles
This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware articles
This article is within the scope of WikiProject Telecommunications, a collaborative effort to improve the coverage of Telecommunications on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.TelecommunicationsWikipedia:WikiProject TelecommunicationsTemplate:WikiProject TelecommunicationsTelecommunications articles
Cohn-Gordon et al. 2016 provides a more up-to-date description. Its authors explicitly state that "the Signal Protocol has changed substantially since [the Frosch et al.] analysis of TextSecure." --Dodi 8238 (talk) 23:18, 27 October 2016 (UTC)[reply]
I have put in that whatsapp, google allo, and facebook claim to use this protocol, because I think it's significant to know the difference between the implementation in apps which are open source and are studied, and the claims of proprietary closed source clients (apps), which might reveal a user's private keys without the user's knowledge, and thus depend entirely on believing Facebook, or Google, who do have an economic interest in knowing the content of the user's communications. Brinerustle (talk) 08:12, 23 December 2016 (UTC)[reply]
Are you able to provide reliable sources that discuss this? Saying that WhatsApp, Facebook Messenger and Google Allo "claim" to use the protocol implies that their statements' credibility has been called into question (see WP:CLAIM). Unless you can provide reliable sources that have called into question their statements' credibility, then we should not imply that this has happened. There is currently no evidence of these companies revealing their users' private keys without their users' knowledge. In order to maintain a neutral point of view and avoid original research, we should use clear, direct language, and let verifiable facts alone do the talking. Keep in mind that, in determining proper weight, we consider a viewpoint's prevalence in reliable sources, not its prevalence among Wikipedia editors or the general public (see WP:WEIGHT). --Dodi 8238 (talk) 09:08, 23 December 2016 (UTC)[reply]
I disagree with the above interpretation of Brinerustle's use of "claim" in this case. The relevant section (per my reading) of WP:CLAIM states: "To write that someone asserted or claimed something can call their statement's credibility into question, by emphasizing any potential contradiction or implying a disregard for evidence." To state that use of "claim" can call someone's credibility into question does not mean that such use implies such a questioning. In this particular case, the claim is one about an implementation of software solely controlled by the entity making the claim, since that entity has exclusive access to both the software's source code and to it's build process. No such claim can be verified by any outside party. Other parties can, by observing the action of the software at runtime, attempt to verify that the software performs according to the protocol its controlling entity claims it implements; but without access to the source code and the build process, no one can demonstrate that the software implements the protocol *correctly* and without any bad behavior. The claim is made in absence of evidence (the only possible evidence is actively withheld by the claiming parties), so IMO the mere statement that the various products implement the protocol is a "claim". Koanhead (talk) 02:52, 29 December 2017 (UTC)[reply]
Exactly. What is currently missing is evidence for the statement "it has since been implemented". I agree that there is no evidence for the private keys being exposed, but there is also no evidence for the implementation. It needs restating, I will give it another go.Brinerustle (talk) 09:42, 14 April 2018 (UTC)[reply]
The following is a quote from the Wiki article on Signal [1], which is the first software that implemented the Signal Protocol --
"Signal messages are encrypted with the Signal Protocol (formerly known as the TextSecure Protocol). The protocol combines the Double Ratchet Algorithm, prekeys, and a Triple Diffie-Hellman (3XDH) handshake. It uses Curve25519, AES-256, and HMAC-SHA256 as primitives."
This information needs to be added to this article. I believe the format for such information has already been established.
Thanks — Preceding unsigned comment added by Dshorter (talk • contribs) 14:39, 18 September 2018 (UTC)[reply]
Are there any countries that restrict the export and import of technologies using the protocol? If so, that information should be added to this article. Squideshi (talk) 22:35, 30 March 2019 (UTC)[reply]
The history section could be updated with the new extension and pretty much all the content of the PQXDH article could be copied over, maybe trimmed a little but not much. Alpha3031 (t • c) 14:58, 27 October 2023 (UTC)[reply]