@alannxd/libsignal-node

@alannxd/libsignal-node

A secure ratcheting forward secrecy protocol implementation for Node.js, designed for both synchronous and asynchronous messaging environments.
Based on the libsignal-protocol-javascript library.

Overview

The Signal Protocol is a session-oriented cryptographic protocol providing end-to-end encryption with forward secrecy.
It enables secure communication in both real-time (synchronous) and offline (asynchronous) messaging scenarios.

PreKeys

The protocol introduces the concept of PreKeys, which are:

• An ECPublicKey (Elliptic Curve public key)
• An associated unique ID

These are stored on the server and can be unsigned or signed.

During installation:

• Generate one signed PreKey.
• Generate a batch of unsigned PreKeys.
• Upload all keys to the server.

Sessions

Once established, a session is reused for all encryption/decryption.
It remains active indefinitely unless explicitly replaced.

Two ways to establish sessions:

• PreKey Bundles — Retrieve a recipient's PreKeyBundle from the server.
• PreKey Signal Messages — Receive a PreKeySignalMessage from a recipient and use it to start a session.

State Management

Persistent session state must be maintained throughout its lifecycle:

• Identity State — Your own identity key pair and keys from others.
• PreKey State — Unsigned PreKeys generated by the client.
• Signed PreKey State — Signed PreKeys generated by the client.
• Session State — Session records for secure communication.

Installation

npm install @alannxd/libsignal-node

License

Licensed under the GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0.html

Copyright

2015–2016 Open Whisper Systems

2017–2018 Forsta Inc