Improving WhatsApp: Stronger security and better performance
The heart of Signal is its initial handshake protocol, X3DH, which establishes a shared key between two users. This makes it arguably the most critical cryptographic component of the Signal protocol.
Recently, our group proposed a new protocol, called XHMQV, to strengthen the security of Signal’s initial handshake protocol. Unlike X3DH, our protocol remains secure even if users’ semi-static and ephemeral secrets are compromised. In addition to offering stronger security guarantees, XHMQV is also more efficient: it requires only 5 group operations to establish a key (compared to 8 in X3DH), and just 4 in a reduced mode (versus 6 in X3DH). Our protocol is accompanied by a formal security analysis.
This work is a collaboration between Rune Fiedler (TU Darmstadt), Felix Günther (IBM Zürich), and Jiaxin Pan and Runzhi Zeng (University of Kassel). It has been accepted for publication at CRYPTO 2025, one of the flagship, top-tier conferences in cryptology, under the title:
“XHMQV: Better Efficiency and Stronger Security for Signal’s Initial Handshake based on HMQV”.
Jiaxin Pan will present the paper at the conference in August.
This paper showcases our group’s focus on theoretical research in applied cryptography. It also marks the seventh publication in a top-tier conference since the founding of the Department of Information Security at the University of Kassel in 2023.