Scanning your connection...
Default PrivacyDefault Privacy
Back to Glossary
Email

What is Sealed Sender?

A messaging feature where the server cannot see who sent a message to whom, protecting sender identity metadata even from the service provider.

Signal's sealed sender feature hides the sender's identity from Signal's servers, addressing the metadata problem.

The Metadata Problem

  • End-to-end encryption protects message content
  • But the server still knows: who messaged whom, when, how often
  • This metadata reveals relationships and communication patterns
  • "We kill people based on metadata" — former NSA director Michael Hayden

How Sealed Sender Works

  1. Sender encrypts a "delivery certificate" with the recipient's identity key
  2. Message is sent without the sender's identity in the envelope
  3. Signal's server delivers the message knowing only the recipient
  4. Recipient decrypts the delivery certificate to see who sent it

Limitations

  • Recipient's identity is still known to the server (it needs to deliver the message)
  • Timing analysis could theoretically correlate sender and recipient
  • Only works between users who have established a Signal session

Significance

Sealed sender is one of the most important privacy innovations in messaging. It demonstrates that metadata protection is possible, not just content protection.

Related Terms

End-to-End Encryption

A method of secure communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, and even the provider of the communication service – from being able to access the cryptographic keys needed to decrypt the conversation.

Metadata

Data about data. In the context of communications, metadata includes information like who you contacted, when, for how long, and from where—everything except the actual content of your message. Metadata can reveal intimate details about your life even when content is encrypted.

Signal Protocol

A cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations. Developed by Open Whisper Systems, it combines the Double Ratchet Algorithm, prekeys, and a triple Diffie-Hellman handshake to provide forward secrecy and future secrecy.

Have more questions?

Use our guided flow to get the right next privacy step for Sealed Sender.

Open Guided Flow