We are excited to announce a significant advancement in the security of the Signal Protocol: the introduction of the Sparse Post Quantum Ratchet (SPQR). This new ratchet enhances the Signal Protocol’s resilience against future quantum computing threats while maintaining our existing security guar...
And how is the central server supposed to know anything when every message it transmits is verifiably e2e encrypted?
Even if we assume that a man-in-the-middle attack is impossible with Signal, intelligence agencies care more about metadata anyway. Remember that getting meaning from terabytes of daily messages hasn’t really been a viable way to mass spy on anybody until very recently, since you needed humans to read them individually to get any wider sense of chat logs. If they know who talked to who and when, they can build social graphs and get a list of suspects when everybody is tied to an identifiable phone number. Yeah, they won’t directly get an incriminating chat of somebody ordering drugs, but they can go nab the dealer and their associates with that info. Or they can have a group of key activists followed if they know that messages between these people spike just before a protest happens.
They also don’t have that data. Who you talk to and when is also concealed from them.
Check out their blog article about “Sealed Sender” from back in 2018.
https://signal.org/blog/sealed-sender/
Also note that the EFF encourages the use of Signal.
https://ssd.eff.org/module/how-to-use-signal