Paper 2026/1247
Practical Attacks on a Decentralized Secure Messenger Session
Abstract
Session is a widely deployed decentralized messenger application that emphasizes user anonymity and privacy through end-to-end encryption. Session currently employs its own uniquely designed messaging protocol, Session Protocol V1, having migrated from the extensively studied Signal Protocol. In this paper, we conduct a comprehensive, implementation-driven security analysis of the Session Protocol V1, focusing on its 1-to-1 and closed-group communication mechanisms. Our analysis reveals two fundamental design vulnerabilities: the absence of mutual public key authentication and the lack of cryptographic bindings to monotonic sequence counters. Exploiting these weaknesses within the context of actual application environments, we demonstrate three practical attacks: an impersonation attack, a message timestamp forgery attack, and message dropping and replay attacks. These attacks allow malicious server nodes or unprivileged malicious insiders to substitute public keys, silently suppress or duplicate messages, and manipulate the perceived chronological order of conversations. The findings highlight that these exploits severely undermine the fundamental security guarantees of the messenger. Finally, we propose immediate, actionable mitigation strategies to address the identified flaws and secure the protocol against these threats.
Note: Accepted to the 20th USENIX WOOT Conference on Offensive Technologies. The official version will appear in the WOOT '26 proceedings published by USENIX. Code is available at https://github.com/kota5140/session-woot.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. 20th USENIX WOOT Conference on Offensive Technologies (WOOT '26)
- Keywords
- SessionE2ECryptographic ProtocolSecure MessengerDecentralized
- Contact author(s)
-
k urushigaki @ ist osaka-u ac jp
hayato kimura @ nict go jp
a tanaka @ ist osaka-u ac jp
takanori isobe @ ist osaka-u ac jp - History
- 2026-06-13: approved
- 2026-06-12: received
- See all versions
- Short URL
- https://ia.cr/2026/1247
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2026/1247,
author = {Kota Urushigaki and Hayato Kimura and Atsushi Tanaka and Takanori Isobe},
title = {Practical Attacks on a Decentralized Secure Messenger Session},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/1247},
year = {2026},
url = {https://eprint.iacr.org/2026/1247}
}