Signal is rolling out a new feature that allows users to transfer their message history when linking their primary device to a new desktop or iPad. Previously, only new messages would sync to linked devices, but now users can bring their chats and up to 45 days of media along with them — all while maintaining Signal's stringent end-to-end encryption.
This feature, currently in beta, required significant engineering work to ensure that messages remain private throughout the transfer process. Unlike many other messaging platforms that store user data on centralized servers, Signal prioritizes privacy by ensuring message history is only accessible on users' devices. This posed a unique challenge in synchronizing messages across linked devices while maintaining Signal's core principle of minimal data exposure.
How Signal's secure transfer works
Signal users can link additional devices, such as desktops and iPads, to their primary Android or iOS account. However, to maintain privacy, Signal does not store messages in plaintext on its servers. This means that when a new device is linked, it cannot simply download past messages from a central repository. Instead, the new system initiates a device-to-device encrypted transfer.
When linking a new device, Signal compresses the entire message history into a single encrypted archive. This archive includes text messages, stickers, call history, reactions, and other metadata. The encryption key for this archive is then securely transmitted to the new device during the linking process, ensuring that only the intended recipient can decrypt the content.
To enable a seamless experience without lengthy transfer times, Signal optimizes message synchronization in two key ways:
- Efficient database updates: Signal speeds up message imports using batching techniques and optimized write operations to prevent excessive delays when restoring large histories.
- Media synchronization via server-stored attachments: Instead of re-uploading media files, Signal includes references to encrypted attachments stored on its servers for up to 45 days. This allows the new device to fetch and decrypt media on demand without overburdening the network.
To prevent unauthorized access, Signal employs a QR code-based authentication system. When a user links a new device, the primary device must scan a QR code displayed on the new device. This code contains a temporary “provisioning address” and a public key that enables secure communication between the two devices. Once scanned, the primary device encrypts and transmits a provisioning message that includes shared keys and account information, allowing the new device to be securely added to the Signal account.
Planned expansions and enhancements
Signal acknowledges that the current media transfer limitation—only allowing synchronization of media up to 45 days old—is a constraint they plan to address in future updates. The introduction of this encrypted archive format also lays the groundwork for additional features, such as restoring messages when setting up a new device after losing the original one.
The rollout of message history sync marks a major step in improving usability for Signal users while reinforcing the platform's commitment to privacy. As this feature moves from beta to full release, users can expect further refinements and improvements.
Meanwhile, users are advised to only link devices they trust and regularly review the list of linked devices in Signal's settings. Additionally, ensure that all your devices, including desktops and tablets, are protected by strong passcodes or biometric security. Since media older than 45 days won't sync, consider backing up important files manually if needed.
Apple Fixes Zero-Day Flaw Exploited in Attacks Against iPhones
Leave a Reply