Signal is an encrypted communication app based on end-to-end encryption and a proprietary open-source encryption protocol called “Signal Protocol”. It appears Signal is no longer safe since Cellebrite, an Israeli company known for being closely related to their state intelligence agencies claimed now being able to decrypt Signal’s data from its databases. Including attachments and text messages. Cellebrite released a blog post and then replaced it with heavily edited version. Previously Signal developers were asked to enable backdoor access for law enforcement by virtually every country in the world. This is done under the excuse criminals and terrorists are using increasingly popular Signal app for their operations. Although it has been widely known for years another platform has indeed been utilized by criminals and terrorists. While in fact Signal became widely popular among protesters around the globe.
How reading Signal data is done
For those who may be able to utilize new information Signal’s file structure is familiar. Signal encrypts its database using SqlScipher using a key. Android uses “Keystore” to store this key named “AndroidSecretKey”. This is what one will need to decrypt Signal’s database key stored in shared preferences file. Applying a key is not easy but not a rocket science either. One have to use Signal’s source code and locate a class SQLCypherOpenHelper for a page size. With all this run SqlScipher on database using decrypted key and page size read via open-source code. Once decrypted you will see separate tables “SMS” and “parts”. Linking messages and attachments requires parsing these two.
App uses folder app_parts to store encrypted attachments. Decrypt attachments takes you back to shared preferences file and locate “pref_attachment_encrypted_secret”. Use “data” value to decrypt a “JSON file” that will contain more keys but focus on “ModernKey”, “IV” and field “data_random” from “part” table.
Search again Signal’s source code and locate
FileOutputStream fileOutputStream – new FileOutputStream();
byte iv = new byte;
byte key = mac.doFinal(random);
Two lines above is telling us the key is hashed using HmacSHA256 with each new hash created using “ModernKey” and “data_random”. Read from source code what decryption algorithm to use like AES (CTR mode) and voila. Attachments decrypted. Apply parsed links and you should be able to print the conversations.
If you want to dive deeper I suggest you to utilize Web Archive on their New Solution for Decrypting the Signal App Blog Post and read the original content.
Data recovery service providers who use Cellebrite tools routinely will find this new option appealing, too. Nevertheless when recovery of data from such encrypted communication service becomes commercially available such service either upgrade and improve or becomes obsolete. There was and still is definitely room to compile your own version of Signal but for the most of users they need to wait for the Signal’s response.
Will there be any? We will continue to follow this story.