Pierluigi Paganini September 28, 2017

Open Whisper Systems announced that it’s working on a new private contact discovery service for its popular communications app Signal.

Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony:

Signal was also approved by the U.S. Senate for official communications among staff members.

Open Whisper Systems aims to improve the contact discovery feature, currently when a user signs up for Signal, the phone numbers in their device’s address book are compared to entries in a database on Open Whisper Systems servers to determine which interlocutors use Signal.

The verification uses truncated SHA256 hashes of the phone numbers, but as you know hashes can be cracked by attackers.

Even if Open Whisper Systems does not log contact discovery requests, theoretically a persistent attacker (i.e. APT group) can modify the code on Signal servers and starts these requests.

Signal developers are working to avoid such attack scenario leveraging in Intel’s Software Guard Extensions (SGX) technology supported by modern Intel chips.

The SGX technology allows developers to protect a certain portion of code and data from disclosure or modifications. The code is placed in a secure memory area of execution dubbed “enclave.”

“Modern Intel chips support a feature called Software Guard Extensions (SGX). SGX allows applications to provision a “secure enclave” that is isolated from the host operating system and kernel, similar to technologies like ARM’s TrustZone. SGX enclaves also support a feature called remote attestation. Remote attestation provides a cryptographic guarantee of the code that is running in a remote enclave over a network.” states Open Whisper Systems.

The idea of the Signal development team is to run contact discovery service in an SGX enclave.

The private contact discovery leveraging the SGX technology could be composed of the following steps at a high level:

1. Run a contact discovery service in a secure SGX enclave.
2. Clients that wish to perform contact discovery negotiate a secure connection over the network all the way through the remote OS to the enclave.
3. Clients perform remote attestation to ensure that the code which is running in the enclave is the same as the expected published open source code.
4. Clients transmit the encrypted identifiers from their address book to the enclave.
5. The enclave looks up a client’s contacts in the set of all registered users and encrypts the results back to the client.

The SGX also supports what “remote attestation” that allows the client to guarantee of the code that is running in a remote enclave over a network.

“This would allow a server to stream media content to a client enclave with the assurance that the client software requesting the media is the “authentic” software that will play the media only once, instead of custom software that reverse engineered the network API call and will publish the media as a torrent instead.” continues Open Whisper Systems.

“Since the enclave attests to the software that’s running remotely, and since the remote server and OS have no visibility into the enclave, the service learns nothing about the contents of the client request. It’s almost as if the client is executing the query locally on the client device,” .

Open Whisper Systems plans to integrate the feature in the next few months.

If you are interested in analyzing source code for the private contact discovery service you can visit the official GitHub repository.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – private contact discovery, privacy)

[adrotate banner=”12″]