Session Messenger prepares to weaken file encryption
Just an update on this: Session is not going to use the deterministic file encryption code path for attachments, images, videos, etc. that are uploaded and sent in conversations; that code path will only be used for profile images. This is where the usage makes the most sense, since the same profile images are regularly re-uploaded on an automated basis by Session clients, and Session clients with linked accounts. This is likely leading to many duplicates of identical profile images being uploaded to the file server, consuming storage space and bandwidth.
We considered whether deterministic encryption should be used for all attachments, but ultimately, since the determinism is based on the sender of the attachment, it would only really reduce storage requirements when the same file is sent by the same sender in the same or different conversations. This is a somewhat uncommon action in chat apps, since users generally send a file to a group with several users rather than sending the same file to many users individually, so the savings from using deterministic encryption in that case are likely to be minimal.
Profile images are used in a distinctly different way than generalized attachments sent in conversations. For most users, they are set once and rarely change, and most users understand that profile images are quasi-public information, since your profile image can be seen by all of your contacts and by all users in the groups and communities you post in. Given this difference, it’s not common to see users embedding confidential information in profile images, and thus I don’t think the same concerns apply to using deterministic encryption only for profile images.
The functions for deterministic encryption have been added to libsession, but they are not currently being used by any Session client. Updates to the way clients interact with file servers generally need to be rolled out over several client releases to ensure Session users have enough time to upgrade, allowing them to interpret files sent using a new format or uploaded to an alternate file server. This upgrade process is ongoing, but has not yet reached the stage where clients have changed they way they encrypt profile images.
