Protecting Signal Keys on Desktop

Share:
“A lone man in a desert trying to understand the inner workings of a computer in the style of Moebius”, by DALL-E.

At SandboxAQ, we recently delved into Signal Desktop to identify how its key management could be improved by using security hardware. Our analysis highlights the need for robust and consistent key isolation services across desktop platforms. In this blogpost,

  1. We analyse the security of Signal Desktop’s key management in light of recent attack reports, and
  2. We show how security hardware can protect Signal Desktop’s keys with a proof of concept (PoC)—a fork of Signal Desktop—and explore the tradeoffs with this approach.

Signal is an open-source messaging service that implements end-to-end encryption. Its users benefit from best-in-class privacy when communicating online.1 This level of privacy is made possible by the Signal protocol, considered the gold standard of end-to-end encrypted messaging. Its security protocol depends on cryptographic keys handled on-device. For mobile devices, Signal securely stores them in isolated and controlled locations. However, when it comes to desktop, Signal (just like everyone else) must do without OS-provided secure key management capabilities.

The problem

It all starts with a Twitter post explaining how an attacker running malware could extract all Signal Desktop’s confidential data and run a clone of the victim’s messaging application. This attack was possible because, although Signal encrypts the local database containing confidential data (including messages and keys), it stored the database decryption keys in plaintext.

Attack scenario

  1. Attacker gains access to the local Signal database encryption key. This can be accomplished through either (a) physical access to the disk at rest, bypassing disk encryption, or (b) malware operating with the victim’s privilege rights, like a malicious app.
  2. Attacker decrypts the database and extracts its data. Given that the database encryption was saved in plaintext, this process is straightforward.2
  3. Attacker impersonates the victim or compromises their messages. The compromised database contains the victim’s conversation history on this device and a set of keys used in the Signal protocol.

Here’s a visual representation of the attack vector.

Gaëtan Wattiau

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
11:27 am, Jul 13, 2025
weather icon 23°C
L: 21° | H: 24°
clear sky
Humidity: 64 %
Pressure: 1013 mb
Wind: 3 mph ENE
Wind Gust: 7 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 3%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 4:58 am
Sunset: 9:13 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
21° | 24°°C 0 mm 0% 6 mph 58 % 1013 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
19° | 27°°C 0 mm 0% 15 mph 71 % 1015 mb 0 mm/h
Tue Jul 15 10:00 pm
weather icon
15° | 22°°C 1 mm 100% 17 mph 85 % 1016 mb 0 mm/h
Wed Jul 16 10:00 pm
weather icon
14° | 27°°C 0.11 mm 11% 11 mph 85 % 1017 mb 0 mm/h
Thu Jul 17 10:00 pm
weather icon
18° | 27°°C 1 mm 100% 13 mph 95 % 1015 mb 0 mm/h
Today 1:00 pm
weather icon
24° | 26°°C 0 mm 0% 3 mph 58 % 1013 mb 0 mm/h
Today 4:00 pm
weather icon
27° | 29°°C 0 mm 0% 0 mph 45 % 1011 mb 0 mm/h
Today 7:00 pm
weather icon
27° | 27°°C 0 mm 0% 6 mph 31 % 1008 mb 0 mm/h
Today 10:00 pm
weather icon
23° | 23°°C 0 mm 0% 6 mph 40 % 1010 mb 0 mm/h
Tomorrow 1:00 am
weather icon
19° | 19°°C 0 mm 0% 5 mph 40 % 1011 mb 0 mm/h
Tomorrow 4:00 am
weather icon
20° | 20°°C 0 mm 0% 5 mph 52 % 1010 mb 0 mm/h
Tomorrow 7:00 am
weather icon
19° | 19°°C 0 mm 0% 9 mph 71 % 1011 mb 0 mm/h
Tomorrow 10:00 am
weather icon
23° | 23°°C 0 mm 0% 12 mph 54 % 1012 mb 0 mm/h
Name Price24H (%)
Bitcoin(BTC)
€100,828.37
-0.16%
Ethereum(ETH)
€2,528.42
-0.55%
XRP(XRP)
€2.39
-0.84%
Tether(USDT)
€0.86
0.00%
Solana(SOL)
€138.55
-0.38%
USDC(USDC)
€0.86
0.01%
Dogecoin(DOGE)
€0.168697
-2.49%
Shiba Inu(SHIB)
€0.000011
-2.11%
Pepe(PEPE)
€0.000010
-2.67%
Peanut the Squirrel(PNUT)
€0.246209
7.19%
Scroll to Top