Session (software)

Session is a cross-platform end-to-end encrypted instant messaging application, focused on confidentiality and anonymity for the user. It is developed by The Oxen Project under the non-profit Oxen Privacy Tech Foundation. It uses a blockchain-based decentralized network for transmission. Users can send one-to-one and group messages, which can include files, voice notes, images and videos.[1]

Session
Developer(s)The Oxen Project
Initial releaseFebruary 2020 (2020-02)
Repositorygithub.com/oxen-io/session-android/
Operating system
TypeInstant messaging
License BSD-3-Clause
MIT
GPL-3.0
Websitegetsession.org

Session offers applications for multiple platforms, including macOS, Windows, and Linux, in addition to mobile clients available on both iOS and Android.

Features

Session does not require a telephone number or email address to create an account.[2] It uses a randomly generated 66-digit alpha-numeric number for user creation/identification. Communication (messages, voice clips, photos, and files) between users is end-to-end encrypted using the Session protocol. The Loki blockchain network is used by Session for transmissions.[3]

There was an independent review by the third party Quarkslab in 2021 that verified these claims.[4][5]

Development

Session originally started as a fork of another messenger, Signal, with the idea of building upon its foundation.[4] However, due to concerns about the centralized structure of Signal Protocol and the potential collection of unnecessary metadata, the team decided to deviate from it and instead created their own protocol, called Session Protocol.[6] This approach allowed for increased anonymity and decentralization, but during the development process, the team encountered various challenges, leading to the necessity of abandoning or modifying many features.

Limitations

Session does not support two-factor authentication. Underlying protocols are still in a developmental phase. After migrating from Signal Protocol to own internally developed protocol, Perfect Forward Secrecy and deniable authentication was not implemented back.[7]

References
  1. Bhattacharjee, Shomik Sen (October 8, 2021). "Session Is a Blockchain-Based Private Messenger That Uses Decentralised Server Nodes To Ensure Anonymity". Gadgets 360. Retrieved June 18, 2023.
  2. Ankush, Das (February 10, 2022). "8 Reasons to Try Session as a Private Messaging App". MakeUseOf. Retrieved December 8, 2022.
  3. "New WhatsApp Alternative "Session" Works Without Your Phone Number". Fossbytes. March 9, 2020. Archived from the original on May 31, 2023. Retrieved July 31, 2023.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  4. "Session Messenger Review – Best Secure Messaging App?". RestorePrivacy. Retrieved October 11, 2021.
  5. Oxen Session Audit Technical Report (PDF). Quarkslab SAS. 2021.
  6. Florence, Eric (January 6, 2022). "Session Messenger Review". SecurityTech. Retrieved August 3, 2023.
  7. "The Session Protocol: What's changing — and why - Session Private Messenger". Session. December 16, 2020. Retrieved August 10, 2023.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.