Comment by account42
10 hours ago
It would be absolutely trivial for the FBI to hash every single assigned phone number and check which one matches. Hashing only provides any anonymity if the source domain is too large to be enumerable.
10 hours ago
It would be absolutely trivial for the FBI to hash every single assigned phone number and check which one matches. Hashing only provides any anonymity if the source domain is too large to be enumerable.
Brief research says that Signal does store phone numbers.
Regarding hashing: while unsalted phone number hashes would be easy to reverse then I doubt that any hashing scheme today is set up like that.
You don't even need to think about how the hashing scheme and salt is set up. If Signal can check if a phone number matches the hash in any reasonable amount of time (which is the whole point of keeping a hash in the first place) then the FBI can just do that for all phone numbers with very realistic compute resources once they get Signal to cough up the details of the algorithm and magic numbers used.
Well, Signal would have to disclose the salt of course.