The messenger has finally implemented a technology that has been developed over the past few years.
The popular messenger Signal, whose developers have always paid special attention to security and privacy, announced a long-awaited innovation - support for nicknames for users. The new feature, which has been in development for more than four years, will allow you to communicate without disclosing phone numbers while maintaining high standards of privacy.
Until now, Signal required a phone number to register an account. This made it easier to contact people on the contact list, but forced activists, journalists, and public figures to share their personal numbers with strangers, putting them at risk of harassment and cyberattacks. Nicknames are designed to solve this problem.
Using advanced cryptography, Signal will store only hashes of nicknames using the Ristretto 25519 algorithm, and not the nicknames themselves in clear text. Users can create, delete, and change tags at will. Contacts will only see the tag if the phone number wasn't saved earlier.
To prevent the capture of popular nicknames, each of them must contain a number at the end, for example, johndoe.12.
In case of a request from the authorities, the company will only be able to provide the user's phone number and the date of creation/last login to the account. If the nickname was deleted, Signal will not be able to confirm that it was used at all.
"As far as we know, we are now the only messenger that supports nicknames, but does not store them in clear text," said Signal senior technical specialist Josh Lund.
In addition, users will be able to block the search for their profile by phone number in the messenger.
Nicknames are intended to be temporary and disposable. You can create them for specific situations, such as video conferences. After that, the tag is deleted, and the person can create a completely new one for another case.
Journalists, on the other hand, can create a permanent nickname to receive messages from confidential sources without having to publish their personal phone number, which may put them at risk.
Users will also be able to share links or QR codes by adding new contacts. This data can then be reset to improve privacy and security.
If Signal receives a court order to provide information about the user's phone number, the app will only be able to output an encrypted hash of the nickname, if one has been installed. Restoring the original nickname from a cryptographic hash will be an extremely difficult task for law enforcement agencies using standard methods.
"Implementing support for nicknames while maintaining high encryption standards was a very difficult task — top flight in the field of cryptography. We had to make fundamental changes to the architecture," said Meredith Whittaker, president of the Signal Foundation, a nonprofit organization.
However, you will still be required to enter your phone number when registering your account for the first time. According to Whittaker, this makes it easier to use the messenger for a wide audience and prevents the spam problem faced by alternative services that do not require a phone number when creating accounts.
The popular messenger Signal, whose developers have always paid special attention to security and privacy, announced a long-awaited innovation - support for nicknames for users. The new feature, which has been in development for more than four years, will allow you to communicate without disclosing phone numbers while maintaining high standards of privacy.
Until now, Signal required a phone number to register an account. This made it easier to contact people on the contact list, but forced activists, journalists, and public figures to share their personal numbers with strangers, putting them at risk of harassment and cyberattacks. Nicknames are designed to solve this problem.
Using advanced cryptography, Signal will store only hashes of nicknames using the Ristretto 25519 algorithm, and not the nicknames themselves in clear text. Users can create, delete, and change tags at will. Contacts will only see the tag if the phone number wasn't saved earlier.
To prevent the capture of popular nicknames, each of them must contain a number at the end, for example, johndoe.12.
In case of a request from the authorities, the company will only be able to provide the user's phone number and the date of creation/last login to the account. If the nickname was deleted, Signal will not be able to confirm that it was used at all.
"As far as we know, we are now the only messenger that supports nicknames, but does not store them in clear text," said Signal senior technical specialist Josh Lund.
In addition, users will be able to block the search for their profile by phone number in the messenger.
Nicknames are intended to be temporary and disposable. You can create them for specific situations, such as video conferences. After that, the tag is deleted, and the person can create a completely new one for another case.
Journalists, on the other hand, can create a permanent nickname to receive messages from confidential sources without having to publish their personal phone number, which may put them at risk.
Users will also be able to share links or QR codes by adding new contacts. This data can then be reset to improve privacy and security.
If Signal receives a court order to provide information about the user's phone number, the app will only be able to output an encrypted hash of the nickname, if one has been installed. Restoring the original nickname from a cryptographic hash will be an extremely difficult task for law enforcement agencies using standard methods.
"Implementing support for nicknames while maintaining high encryption standards was a very difficult task — top flight in the field of cryptography. We had to make fundamental changes to the architecture," said Meredith Whittaker, president of the Signal Foundation, a nonprofit organization.
However, you will still be required to enter your phone number when registering your account for the first time. According to Whittaker, this makes it easier to use the messenger for a wide audience and prevents the spam problem faced by alternative services that do not require a phone number when creating accounts.
