New design sets a high standard for post-quantum readiness.

    • lemmee_in@lemmy.world
      link
      fedilink
      English
      arrow-up
      101
      ·
      5 days ago

      Signal puts a lot of effort into their threat model that assumes a hostile host (i.e. AWS). That’s the whole point of end to end encryption, even if the host is compromised the attackers do not get any information. They even go as far as padding out the lengths of encrypted messages so everyone looks like they are sending identical blocks of data

      • shortwavesurfer@lemmy.zip
        link
        fedilink
        English
        arrow-up
        49
        arrow-down
        3
        ·
        5 days ago

        I’m assuming that they were more referring to the outage that occurred today that pulled a ton of the internet services, including signal offline temporarily.

        You can have all the encryption in the world, but if the centralized data point that allows you to access the service is down, then you’re fucked.

        • Pup Biru@aussie.zone
          link
          fedilink
          English
          arrow-up
          25
          arrow-down
          1
          ·
          4 days ago

          no matter where you host, outages are going to happen… AWS really doesn’t have many… it’s just that it’s so big that everyone notices - it causes internet-wide issues

            • Pup Biru@aussie.zone
              link
              fedilink
              English
              arrow-up
              20
              ·
              edit-2
              4 days ago

              that’s pretty disingenuous though… individual lemmy instances go down or have issues regularly… they’re different, but not necessarily worse in the case of stability… robustness of the system as a whole there’s perhaps an argument in favour of distributed, but the system as a whole isn’t a particularly helpful argument when you’re trying to access your specific account

              centralised services are just inherently more stable for the same type of workload because they tend to be less complex, less networking interconnectedness to cause issues, and you can focus a lot more energy building out automation and recovery than spending energy repeatedly building the same things… that energy is distributed, but again it’s still human effort: centralised systems are likely to be more stable because they’ve had significantly more work put into stability, detection, and recovery

              • shortwavesurfer@lemmy.zip
                link
                fedilink
                English
                arrow-up
                1
                ·
                4 days ago

                Right, but even if individual instances go down, you don’t end up with headlines all over the world of half the internet being down. Because half the internet isn’t down, the network is self-healing. It temporarily blocks off the problem area, and then when the instance comes back, it resynchronizes and continues as normal.

                Services might be temporarily degraded, but not gone entirely.

                • Pup Biru@aussie.zone
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  ·
                  4 days ago

                  but that’s a compromise… it’s not categorically better

                  you can’t run a bank like you run distributed instances, for example

                  services have different uptime requirements… this is perhaps the first time i’ve ever heard of signal having downtime, and the second time ever that i can remember there’s been a global AWS incident like this

                  and not only that, but lemmy and every service you listed aren’t even close to the scale of their centralised counterparts. we just aren’t there with the knowledge for how to build these services to simply say that centralised services are always worse, less reliable, etc. twitter is the usual example of this. it seems really easy, and arguably you can build a microblogging service in about 30min, but to scale it to the size that it handles is incredibly difficult and involves a lot of computer science (not just software engineering)

            • Alaknár@sopuli.xyz
              link
              fedilink
              English
              arrow-up
              9
              ·
              4 days ago

              Come on, mate… Lemmy as a whole didn’t go down, but instances of Lemmy absolutely did go down. As they regularly do, because shit happens.

            • sugar_in_your_tea@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              4 days ago

              Monero isn’t like the other three, it’s P2P with no single points of failure.

              I haven’t looked too closely at Nostr, but I’m assuming it’s typically federated with relays acting like Lemmy/Mastodon instances in terms of data storage (it’s a protocol, so I suppose posts could be local and switching relays is easy). If your instance goes down, you’re just as screwed as you would be with a centralized service, because Lemmy and Mastodon are centralized services that share data. If your instance doesn’t go down but a major one does, your experience will be significantly degraded.

              The only way to really solve this problem is with P2P services, like Monero, or to have sufficient diversity in your infrastructure that a single major failure doesn’t kill the service. P2P is easy for something like a currency, but much more difficult for social media where you expect some amount of moderation, and redundancy is expensive and also complex.

              • shortwavesurfer@lemmy.zip
                link
                fedilink
                English
                arrow-up
                2
                ·
                4 days ago

                Nostr is a weird being. You are correct that it is not peer-to-peer like Monero is. However, it’s not quite federated in the same way that ActivityPub is.

                When using Nostr clients, you actually publish your same data to like six different relays at the same time. It has the built-in assumption that some of those relays are going to be down at any given time and so by publishing to like six at once you get data redundancy.

                • sugar_in_your_tea@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  ·
                  4 days ago

                  Ok, so it’s effectively the same as P2P, just with some guarantees about how many copies you have.

                  In a P2P setup, your data would be distributed based on some mathematical formula such that it’s statistically very unlikely that your data would be lost given N clients disconnect from the network. The larger the network, the more likely your data is to stick around. So think of bittorrent, but you are randomly selected to seed some number of files, in addition to files you explicitly opt into.

                  The risk w/ something like Nostr is if a lot of people pick the same relays, and those relays go down. With the P2P setup I described, data would be distributed according to a mathematical formula, not human decision, so you’re more likely to still have access to that data even if a whole country shuts off its internet or something.

                  Either solution is better than Lemmy/Mastodon or centralized services in terms of surviving something like AWS going down.

        • heysoundude@eviltoast.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 days ago

          That was my point. But as somebody else pointed out here, the difficulties in maintaining the degree of security we currently enjoy as Signal users starts to get eroded away

      • Victor@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        5 days ago

        sending identical blocks of data

        Nitpicking here but assuming from the previous words in your comment that you mean blocks of data of identical length.

        Although it should be as if we are sending multiples of identical size, I suppose.

        Anyway, sorry for nitpicking.

    • elvis_depresley@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      11
      ·
      5 days ago

      I guess the research doesn’t have to be limited to signal. If other apps can benefit from it the more resilient “private communications over the internet” get.

    • Victor@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 days ago

      So that’s why Signal didn’t send my messages very quickly today then, maybe.

      • DaGeek247@fedia.io
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        5 days ago

        It’s not completely out yet. That was likely AWS being down.

        Also, the new quantum protected message encryption headers are about 2kb. If that’s causing issues with your internet, you may want to consider looking at new internet.

        • Frezik@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          8
          ·
          5 days ago

          2kb? While it may not sound like much, that’s at least three packets worth of data (depending on MTU). If you think about it in terms of how TCP sends packets and needs ACKs, there’s actually a lot of round trip data processing going on for just that one part.

          • xthexder@l.sw0.com
            link
            fedilink
            English
            arrow-up
            8
            ·
            5 days ago

            TCP will generally send up to 10 packets immediately without waiting for the ACKs (depending on the configured window size).

            Generally any messages or websites under 14kb will be transmitted in a single round-trip assuming no packets are dropped.

        • Victor@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          5 days ago

          That was likely AWS being down.

          Sorry, yeah, that’s the only thing I was referring to.

          My internet connection is 500/500 Mbps, and I can’t change it. 😄👍

          • naticus@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 days ago

            Should have been pretty obvious to anyone reading any tech news whatsoever today, especially in the context of where you responded. No apology from you should have been necessary!

            • Victor@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              4 days ago

              You would think 😅 The sorry was sightly sarcastic, but shhh, nobody need know

        • Lumisal@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 days ago

          The average for a person sending / receiving a message is about 35 / day. That’s 70kb / person.

          Signal has aprx. 100 million users.

          Which means this adds about 7 terabytes daily.

          Just doing the math on it, there’s no point to this message 😁

      • DiabolicalBird@lemmy.ca
        link
        fedilink
        English
        arrow-up
        7
        ·
        4 days ago

        I did, it’s a buggy undercooked mess that doesn’t work half the time. The app that’s officially supported is missing half the features. Trying to get people to switch to it is like pulling teeth as the onboarding process in overly complicated for the average user.

        Meanwhile Signal works right out of the box with very little fuss.

      • JoshuaFalken@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 days ago

        I could. Presumably so could the others commenting on this post. But then what are we to do about the privacy or tech illiterate people we’ve carried to Signal over the years?

        It’s easy to winge about just doing what you perceive as the optimal solution. It’s more difficult when you need to navigate the path to get there from where we are now.

    • HulkSmashBurgers@reddthat.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 days ago

      It took me years of begging and pleading with my wife to start using signal, the setup for which is way easier than matrix. I don’t think I’d be able to get my wife to use matrix due to the increased complexity.

      I have secure comms with my wife (albeit centralized) and that’s what’s important to me.

    • jpv2390@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      28
      ·
      4 days ago

      Because my grandpa can work with signal which is still encrypted communication. Thus its a low threshhold to adoption and significant increase in cyber hygiene. Even for his type of audience.

    • Alaknár@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      1
      ·
      4 days ago

      Because Matrix barely works half the time and has some significant security/privacy flaws still. One of which is: if there’s a bug that makes it possible for someone to snoop your metadata and the fix requires a server update… You’re SOL if the people you’re talking to don’t get the update.

  • OrganicMustard@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    32
    ·
    5 days ago

    Having in mind we are not even close to breaking classical cryptography with quantum computing I doubt this was their best investment of time

    • Jean-luc Peak-hard@piefed.social
      link
      fedilink
      English
      arrow-up
      44
      arrow-down
      2
      ·
      5 days ago

      the best time was yesterday. the next best time is today. securing systems after they’re broken, when data could actively be collected prior to the breakthrough, is not the way to approach security.

    • Alaknár@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      16
      arrow-down
      1
      ·
      4 days ago

      Once quantum computers break classical cryptography, it’s going to be too late to develop post-quantum cryptography, mate.

      The best time to develop resilience is right now.

        • turmacar@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          4 days ago

          Even if quantum computing turns out to actually be infeasible and classical cryptography is secure for the next millennia, it’s still a good feature to have a third independent encryption layer in the protocol. It makes it that much less likely reliant on the other two being bulletproof.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          4 days ago

          How sure are you? Assign a percentage chance to it and the cost of exposing old messages, and compare that to the cost of this dev effort.

          We know governments are using it, and there’s likely a lot of sensitive data transmitted through Signal, so the cost of it happening in the next 20 years would still be substantial, so even if the chance of that timeline happening is small, there’s still value in investing in forward secrecy.

    • Jason2357@lemmy.ca
      link
      fedilink
      English
      arrow-up
      24
      ·
      5 days ago

      There are nation states just straight up intercepting and storing signal data on their networks in hopes that it can be decrypted in the future. 20 year old messages will still be useful.

    • djmikeale@feddit.dk
      link
      fedilink
      English
      arrow-up
      14
      ·
      4 days ago

      Their core feature is secure messaging, so I’d say this result highlights their dedication to the secure aspect of it. So an excellent feature in terms of branding, and probably has more benefits in other places e.g. attracting talent, as developers now can see Signal offers great opportunities to work on complex problems.

      So I’m curious; what do you think would be better investment of their time?

      • OrganicMustard@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        4 days ago

        Like allowing a federated system instead of a central one, not depending in external libraries and services, and so on. I bet there are many things that would actually improve the security instead of this that is more of a marketing point.

    • ExLisper@lemmy.curiana.net
      link
      fedilink
      English
      arrow-up
      13
      ·
      5 days ago

      It’s future-proofing. It means my messages are not only safe today but, even if they are intercepted or leaked somehow, will also be safe in the future.

    • webghost0101@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      5 days ago

      I doubt that the first ones to break it will be eager to communicate their findings to the public.

      This tech is far to valuable for military/spionage goals. For all we know it already exists.

    • OrganicMustard@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      4 days ago

      Lol, it shows the hype quantum computing has sold and how detached the public thought is about it from reality.

      I’m friends with two quantum computing researchers and they are pretty sure quantum computing will never be a practical application because of how the noise and errors scale with the system size.

      • L501@mander.xyz
        link
        fedilink
        English
        arrow-up
        4
        ·
        4 days ago

        The quantum computing hype is really annoying but we don’t know the future. One day there might be a breakthrough in noise reduction. I’d rather signal have post-quantum cryptography and not need it than get blindsided if there is suddenly a qc that can break rsa with shor. Not to mention intelligence agencies doing store now/decrypt later stuff.