Discussion:
[whispersystems] How are contacts shared between linked devices?
Brad
2015-12-02 22:20:04 UTC
Just curious. Is there any write up or blog post on how device linking
is done (and how information like contact lists is shared among linked
devices)? The google fails me. - b
Danny Wu
2015-12-03 02:24:13 UTC
Yes, there was _just_ a thread about this. Read the archive ;)
Moxie Marlinspike
2015-12-03 03:34:23 UTC
The former thread was about contact intersection (discovering that your
contacts are on Signal), while I think Brad is asking about contact sync
between your own devices.

Everything is just a Signal message. So at install time, the Android
client packages up all your contact info and sends it e2e encrypted as a
Signal message to the browser. Every time a contact changes, it's
another message to the browser. Other than the QR code, normal Signal
messages are the only primitive your devices use to communicate with
each other.

- moxie
--
http://www.thoughtcrime.org
Eric Mill
2015-12-04 06:29:08 UTC
That is a super helpful explanation (and a smart approach) to contact
syncing.

Does this also explain how keys are shared among devices? On my phone, when
I'm talking to a Signal contact as she moves between phone and desktop, her
key remains the same (or at least I get no key-change warning and when I
look at the conversation settings, it only shows me one key), so it looks
like this key was distributed somehow.

Were they bootstrap-sent using some other key the browser generated for use
in receiving the Android phone's keys? Or...?

-- Eric
--
konklone.com | @konklone <https://twitter.com/konklone>
Tom Ritter
2015-12-04 15:19:57 UTC
Post by Eric Mill
That is a super helpful explanation (and a smart approach) to contact
syncing.
Does this also explain how keys are shared among devices? On my phone, when
I'm talking to a Signal contact as she moves between phone and desktop, her
key remains the same (or at least I get no key-change warning and when I
look at the conversation settings, it only shows me one key), so it looks
like this key was distributed somehow.
Were they bootstrap-sent using some other key the browser generated for use
in receiving the Android phone's keys? Or...?

The identity key for a contact was (securely) copied from the Android
device to the Desktop client during initialization. It doesn't use
the same method as contact sync though (since in the very beginning
there's no way for your Android device to know that the other party is
really your Desktop extension and not an impersonator.) This code is
here (on the receiving side):
https://github.com/WhisperSystems/Signal-Desktop/blob/master/libtextsecure/account_manager.js#L33

When you send them a message, there are two independent ratchet
sessions for their desktop client and their phone (same way group chat
works), but both ratchets were initialized using the same identity
key.

-tom
Eric Mill
2015-12-08 05:05:10 UTC
Moving Brad's reply (with permission) onto the thread. Is this an accurate
description of the key-sharing process?

Just to provide a few more urls, since I'm learning the code. Key
1) QR Code: When you link your Signal-Desktop and Signal-Android, the QR
code fed to your phone contains a (transient) public key of the Desktop
device.
2) Server messaging interface: The phone sends a provisioning message [1]
back to the desktop, containing your phone's private identityKey (encrypted
with that transient public key). After provisioning, the linked
Desktop holds the phone number's IdentityKey pair.
3) Server Key API: devices send their pre-keys [2] to the server, and
retrieve recipients' keys [3] to encrypt messages for delivery to each
device of each recipient. This API is "device aware" - the client can get
pre-keys for one or all devices.
So: the identityKey is the identity of the contact identified by phone
number (shared among linked devices). The pre-keys are per device.
There is a /v1/devices endpoint [4] in the API, undocumented, but it
doesn't seem to be used - is it?
That's my reading. Feel free to correct it.
[1]
https://github.com/WhisperSystems/Signal-Desktop/blob/master/protos/DeviceMessages.proto
[2]
https://github.com/WhisperSystems/TextSecure-Server/wiki/API-Protocol#registering-prekeys
[3]
https://github.com/WhisperSystems/TextSecure-Server/wiki/API-Protocol#getting-a-recipients-prekey
[4]
https://github.com/WhisperSystems/TextSecure-Server/blob/master/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java
--
konklone.com | @konklone <https://twitter.com/konklone>
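
The provisioning step described in this thread (a transient Desktop public key in the QR code, and the phone's identity private key sent back encrypted to it), as an added sketch that is not code from any poster or from the Signal code base. X25519, HKDF and AES-256-GCM are stand-ins chosen for the illustration, and every function name and the message layout are hypothetical.

```javascript
// Added illustration only: NOT Signal's wire format or cipher suite.
const crypto = require('crypto');
const INFO = Buffer.from('example provisioning message'); // constructed HKDF label
const SPKI = { type: 'spki', format: 'der' };
const PKCS8 = { type: 'pkcs8', format: 'der' };

// Desktop: make the transient key pair; the public half is what the QR code carries.
function desktopStartLinking() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('x25519');
  return { qrPayload: publicKey.export(SPKI).toString('base64'), transientPrivate: privateKey };
}

// Both sides: ECDH shared secret stretched into an AES-256 key.
function deriveKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(32), INFO, 32));
}

// Phone: after scanning the QR code, encrypt the identity private key to the transient key.
function phoneProvision(qrPayload, identityPrivateBytes) {
  const desktopPub = crypto.createPublicKey({ key: Buffer.from(qrPayload, 'base64'), ...SPKI });
  const eph = crypto.generateKeyPairSync('x25519');
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', deriveKey(eph.privateKey, desktopPub), iv);
  const body = Buffer.concat([c.update(identityPrivateBytes), c.final()]);
  return { senderPublic: eph.publicKey.export(SPKI), iv, body, tag: c.getAuthTag() };
}

// Desktop: decrypt with the transient private key; throws on a wrong key or tampering.
function desktopFinishLinking(transientPrivate, msg) {
  const senderPub = crypto.createPublicKey({ key: msg.senderPublic, ...SPKI });
  const d = crypto.createDecipheriv('aes-256-gcm', deriveKey(transientPrivate, senderPub), msg.iv);
  d.setAuthTag(msg.tag);
  return Buffer.concat([d.update(msg.body), d.final()]);
}

// Constructed run: the real desktop recovers the identity key, another key holder cannot.
function demoLinking() {
  const desktop = desktopStartLinking();
  const identity = crypto.generateKeyPairSync('x25519'); // phone's long-term identity pair
  const msg = phoneProvision(desktop.qrPayload, identity.privateKey.export(PKCS8));
  const received = crypto.createPrivateKey({ key: desktopFinishLinking(desktop.transientPrivate, msg), ...PKCS8 });
  const samePublic = crypto.createPublicKey(received).export(SPKI).equals(identity.publicKey.export(SPKI));
  let impostorFailed = false;
  try { desktopFinishLinking(desktopStartLinking().transientPrivate, msg); } catch (e) { impostorFailed = true; }
  return { samePublic, impostorFailed };
}

console.log(demoLinking());
```

Because the QR code is read directly off the Desktop's screen, it is the one step that tells the phone which public key belongs to the device being linked; everything after it depends on that key being the right one.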