Google rolling out End to End Encryption

Google announced that they were working on End to End Encryption back in November 2020 and that they would be using the Signal Protocol. Now Google is starting to roll this out and here are some details. Both parties must have Chat features and data/Wi-Fi enabled for End to End Encryption to work.

The feature It is not compatible with SMS/MMS or group messaging, but it is available when using the Messages for web app. If the above conditions are met, End to End Encryption is activated automatically for both existing and new conversations. When end-to-end encryption is enabled/used for delivery, you will see a lock icon in the “Chatting with” banner, timestamps, and on the send button.

Each End to End Encryption chat has its own unique verification code, which you can manually validate with the other person by tapping the overflow menu > Details > Verify encryption.

Once a secure session is established using remote client prekeys, Signal derives the following values: 256 bit AES encryption key 256 bit MAC key 128 bit initialization vector Signal uses AES-256-CBC with PKCS#7 padding for message encryption. The encrypted message is stored in a protocol buffer along with other session states. A 64 bit MAC is computed over the serialized protocol buffer using HMAC-SHA256 to create the final message payload. After each encryption, Signal advances the chain key to achieve forward secrecy. More information on the Signal Protocol can be found here.