What's the purpose of the signal safety number in the signal messenger?

361    Asked by LukeTurner in Web-development , Asked on Oct 17, 2022

 I've read the official page on safety numbers but they are still unclear to me. Without verification, there still is end to end encryption, so what difference does it make? Is it that a phone number is easy to spoof so an adversary could pretend to be someone else but with a safety number verified you would know if it's not really them?

Answered by Naveen Yadav

The signal safety number is actually the fingerprint of your public key.


By verifying this, you verify that the public key you are encrypting the messages to, is in fact the same as the keys used by the other party in the conversation.

If not verified, you could be encrypting your keys with a Man in The Middle's keys, which then proceeds to decrypt the messages, read them, and re-encrypt them with the recipient's key. You would be none the wiser.

By verifying that the public keys are identical for both participants, you remove the possibility of a MiTM attack.

It's explained in detail in this blog post from Signal.



Your Answer

Online Course

Tutorials

Salesforce Tutorial

Software Testing Tutorial

SQL Tutorial

Business Analyst Tutorial

Devops Tutorial

Data Science Tutorial

AWS Tutorial

Hadoop Tutorial

SSRS Tutorial

AWS S3 Tutorial

Functional Testing Tutorial

SSAS Tutorial

Automation Testing Tutorial

Manual Testing Tutorial

Selenium Tutorial

Kubernetes Tutorial

Scala Tutorial

ETL Testing Tutorial

Python Tutorial

Pyspark Tutorial

R Tutorial

Unit Testing Tutorial

API Testing Tutorial

Puppet Tutorial

Integration Testing Tutorial

Chef Tutorial

Jenkins Tutorial

Ansible Tutorial

Vagrant Tutorial

Docker Tutorial

Interviews

Parent Categories

Copyright | JanBaskTraining.com