Which parts of Signal aren't E2EE?

Email is one extreme where nothing is e2ee (albeit it is encrypted while in transit and at rest).

Whatsapp is made fun of for lacking e2ee in metadata, but since the body is e2ee, that’s also a relief, given that around 2 billion people use and rely on it.

I have heard almost everything is e2ee on signal, so what isn’t?

Signal publishes exactly what they give to law enforcement: Signal >> Government Requests >> MLAT order from Luxembourg for Signal user data

Or Signal >> Government Requests >> Grand jury subpoena for Signal user data, Eastern District of Virginia

So only your number and signup date.


I assume you mean to ask “What data of Signal communications is protected?”

I assume the contents of messages, attachments, reacts, video calls and “control messages” (disappearing message changes, delete for everyone, etc.) are definitely protected by E2EE in Signal Protocol. I’d be very surprised if sender and recipients are leaked as plaintext. However, I haven’t studied Signal Protocol, so cannot say further about data contained and not contained whether as plaintext or ciphertext in the Signal application layer.

Signal Protocol does not protect TCP, UDP or IP data (users’ IP addresses, transmitted data size, timing, etc.). Protection against these kinds of data would require onion routing, padding, mixing and other techniques as what things like Tor and Nym feature.

Beware that the Signal server is centralized. I believe the Signal server (and any adversary with though eyes on the internet) is capable of timing analysis, social graph analysis and the like. The Signal server could also do MITM attack (but not undetected if Signal users check safety numbers) or worse that any centralized server handling E2EE messages would be capable of doing.

Please correct my very rough and quick post if I made any mistake.

1 Like