What is Signal Protocol?
A cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations. Developed by Open Whisper Systems, it combines the Double Ratchet Algorithm, prekeys, and a triple Diffie-Hellman handshake to provide forward secrecy and future secrecy.
Also known as: TextSecure Protocol, Double Ratchet Protocol
The Signal Protocol is widely considered the gold standard for secure messaging. It's used by Signal, WhatsApp, Facebook Messenger (secret conversations), and Google Messages.
Key Features
Perfect Forward Secrecy
- Each message uses unique keys
- Compromising one key doesn't reveal past messages
- Historical conversations remain protected
Future Secrecy (Self-Healing)
- If a key is compromised, future messages remain secure
- The protocol automatically recovers
- Attacker loses access after key rotation
Deniable Authentication
- You can verify who you're talking to
- But transcripts can't cryptographically prove who said what
- Protects against coerced disclosure
How It Works
The Double Ratchet
- Diffie-Hellman Ratchet: Generates new shared secrets
- Symmetric-Key Ratchet: Derives message keys
- Together: Provides both forward and future secrecy
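The two ratchets listed above, as an added example (not code from this page or from Signal). It uses the KDF constructions the Double Ratchet specification recommends (HMAC-SHA256 for the chain, HKDF-SHA256 for the root key). As assumptions, random bytes stand in for the X3DH and Diffie-Hellman outputs, and the info label is made up.

```python
import hashlib
import hmac
import os

def kdf_ck(chain_key):
    """Symmetric-key ratchet step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key

def kdf_rk(root_key, dh_output):
    """DH ratchet step: HKDF-SHA256 with the root key as salt.
    Return (new_root_key, new_chain_key)."""
    info = b"example-double-ratchet"  # constructed label, an assumption
    prk = hmac.new(root_key, dh_output, hashlib.sha256).digest()      # HKDF extract
    t1 = hmac.new(prk, info + b"\x01", hashlib.sha256).digest()       # HKDF expand, block 1
    t2 = hmac.new(prk, t1 + info + b"\x02", hashlib.sha256).digest()  # HKDF expand, block 2
    return t1, t2

def run_chain(chain_key, count):
    """Advance the symmetric ratchet `count` times; return (chain_key, message_keys)."""
    keys = []
    for _ in range(count):
        chain_key, mk = kdf_ck(chain_key)
        keys.append(mk)
    return chain_key, keys

def demo():
    root = os.urandom(32)                        # constructed; in Signal this comes from X3DH
    root, chain = kdf_rk(root, os.urandom(32))   # random bytes stand in for a DH output
    leaked, past = run_chain(chain, 3)           # chain key leaks after message 3
    _, honest_rest = run_chain(leaked, 2)        # messages 4-5, same chain
    stale, attacker_rest = run_chain(leaked, 2)  # attacker runs the leaked key forward
    root, healed = kdf_rk(root, os.urandom(32))  # DH ratchet mixes in a secret the attacker lacks
    _, honest_new = run_chain(healed, 2)         # messages 6-7 on the new chain
    _, attacker_new = run_chain(stale, 2)        # attacker can only keep ratcheting the old chain
    derivable = set(attacker_rest) | set(attacker_new)
    return {
        "past_keys_hidden": derivable.isdisjoint(past),
        "rest_of_chain_exposed": attacker_rest == honest_rest,
        "healed_after_dh_ratchet": derivable.isdisjoint(honest_new),
    }

if __name__ == "__main__":
    print(demo())
```

The leaked chain key exposes the remaining messages on that chain only. Earlier keys would require inverting HMAC, and later chains depend on a DH output the attacker never saw.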
Key Exchange
- Uses X3DH (Extended Triple Diffie-Hellman)
- Works even if recipient is offline
- Prekeys allow asynchronous initial contact
Why It's Trusted
- Open source: Fully auditable code
- Peer reviewed: Academic security analysis
- Battle tested: Used by billions of users
- Independent audits: Multiple third-party reviews
Limitations
- Metadata: Doesn't hide who you're talking to
- Backup security: Cloud backups may not be encrypted
- Trust in app: Protocol is secure, but app could have flaws
- Sealed sender: Only Signal has this metadata protection
Adoption
The protocol is so well-designed that even Facebook and Google use it, acknowledging that rolling your own crypto is dangerous.
Related Terms
Double Ratchet
A cryptographic protocol that provides end-to-end encryption with forward secrecy and break-in recovery. Used by Signal and adopted by WhatsApp, Facebook Messenger, and Google Messages. Each message gets a unique key; compromising one doesn't expose past or future messages.
End-to-End Encryption
A method of secure communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, and even the provider of the communication service – from being able to access the cryptographic keys needed to decrypt the conversation.
Perfect Forward Secrecy
A feature of key-agreement protocols that ensures session keys cannot be compromised even if the server's long-term private key is compromised. Each session uses unique keys, so past communications remain secure even if future keys are exposed.