The Signal is an end-to-end encrypted communication protocol composed of a double ratchet (DR) protocol and an extended triple Diffie-Hellman (X3DH) protocol. Its complex ratchet structure and the characteristics of protocol composition make it challenging to realize formal analysis. A formal analysis method based on logic of events theory (LoET) is proposed to conduct a security analysis of the Signal protocol. The method includes inference rules with key relation and key chain as the core to realize the formal analysis of ratchet structure, and the inference relation between sub-protocols is established by putting forward the composition theorem. The proposed method achieves a formal analysis of Signal, revealing that it does not satisfy a strong authentication property during the X3DH phase. The results show that the LoET-based method can be effectively applied in the formal analysis of Signal protocols, thus promoting the application and development of these protocols with ratchet structure and composition properties.
Read full abstract