Researchers working on the privacy-focused messenger app, Signal, yesterday published a design for a system that could make group chats more powerful without sacrificing on security. According to a new blog post, Signal plans to implement the proposals in the coming months.
The proposals aim to add certain features, like having admins for groups, to the group chats. These are features that are simple for other messaging apps to include, but are much harder for Signal to introduce, given its dedication to user privacy.
The proposed update to the encrypted messaging app is significant for members of the cryptocurrency community, for whom privacy is often paramount. Telegram is typically known as the messaging app of the crypto community but its private chats aren’t on by default and far fewer people use them. Instead, privacy diehards—such as the community built around the privacy coin Zcash—tend to use Signal, which doesn’t collect user data, let alone sell it.
Here’s the problem the researchers are trying to solve. For messaging apps that aren’t privacy focused, data about a group—such as the group’s name, image, and group membership—are often stored in plaintext on a server. Should the server get hacked, hackers might get access to that sensitive information, and modify aspects of the group, like who’s in it. So, Signal doesn’t store data in this way, in order to keep everything private.
But this makes it hard to provide better features. If it can’t just use a centralized database, how does it organize who’s running the groups and run all these extra features? Well, it gets complicated but Signal thinks there’s a way.
Signal’s existing solution is to attach encrypted tags to group messages, meaning the server never learns which messages are group messages, or who’s in the group. But through this method, wrote O’Leary, “If two group members try to update the group state at the same time, this can create a race condition as these messages cross paths.”
Instead, with the proposed system, each user in a group chat holds a group masterkey, that’s only known to the group’s members (and not the server). The server then stores a version of the membership list that’s been encrypted according to the group master key. And this encryption should help to keep things private, while allowing for the extra features. That’s the plan, anyway.