[Cryptography] Signal chat fallout.

Sat Mar 29 06:02:09 EDT 2025

On 29/03/2025 01:57, Nico Williams wrote:
> On Fri, Mar 28, 2025 at 08:26:42PM +0000, iang wrote:
>> On 28/03/2025 23:15, Nico Williams wrote:
>>> One very serious problem here is that Signal doesn't do multi-level
>>> authorization or any real authorization at all.  You really want a good
>>> authorization solution in a military setting.
>> So we're back to the eierlegende Wollmilchsau otherwise known as the
>> identity system that actually knows who your counterparty is...
> What??  The military has got to "know" who its service members,
> officers, employees, and other parties are and what their authorizations
> are, and should be able to authenticate them and perform access control
> accordingly.

Yes, exactly - the military (and other closed tight groups) are the 
exception. But, these were civilians. They weren't a member of any tight 
closed group on which you could use the classical cryptographic methods. 
Hence, the obvious happened - the system that was built assuming tight, 
closed groups of disciplined people was ignored, and they all defaulted 
to signal. If they tighted up signal to solve this problem (which is 
possible) then chances are, the users would switch to something else...

> If the military can't do that then they might as well go home.

Well, indeed. But they ain't the military. They're civilians. 
Especially, they are the ones that are by definition civilians because 
they're the ones controlling the military.

They all have personal phones with lots of apps and lots of chats. They 
carry them everywhere. They use them to start their car, open their 
front door, run their private lives. Which intersects with meeting 
people who are also civilians who are also in gov.

(And, even the military have a lot of trouble controlling personal 
phones...)

> This was a tiny group though, so very manual authorization was
> plausible.  Someone flubbed up, or else perhaps an insider added Mr.
> Goldberg _on purpose_ e.g., to leak or even to cause the scandal that
> did in fact ensue.  Either way Signal's lack of stringent military-style
> authorization functionality is one root cause of this incident.

It wasn't just a tiny group, tho. It was one tiny group amongst millions 
of tiny groups. Check how many groups your phone controls for you - if 
it isn't in the hundreds, you've maybe adopted amish like habits. Well 
and good, but that's an anomaly, it's not the norm.

> Signal just cannot do these things well.  They should not be using
> Signal.
>
> Here's an opportunity for some vendor to make a military grade IM system
> with multi-level mandatory access controls or better, probably using DOD
> CAC smartcards and PKI for authentication, and charge them a bundle.

They already have it. Someone posted about it, it was a lot of long 
acronyms. They just don't use it much.

iang