# signalapp/libsignal **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/signalapp-libsignal).** 5,464 stars · 675 forks · Rust · agpl-3.0 ## Links - GitHub: https://github.com/signalapp/libsignal - awesome-repositories: https://awesome-repositories.com/repository/signalapp-libsignal.md ## Description libsignal is a cryptographic library that implements the Signal Protocol, providing the core primitives for end-to-end encrypted messaging with forward secrecy and deniable authentication. It includes the Double Ratchet algorithm for iteratively deriving fresh encryption keys per message, and the X3DH key agreement protocol for establishing shared secrets between parties asynchronously. A session state machine maintains cryptographic state across message exchanges, supporting recovery and out-of-order delivery. The library extends beyond basic messaging encryption with capabilities such as zero-knowledge proof group membership verification, which allows confirming a user's group membership without revealing the full group roster. It also supports hardware attestation verification to validate the identity and integrity of remote hardware security modules, and provides for secure device migration—transferring account data from one device to another while preserving encryption keys. Additional scope includes a Rust C FFI bridge that exposes cryptographic functions as a cross-platform API, enabling integration from multiple programming languages without rewriting core logic. The library covers end-to-end encryption, group membership verification, and device migration security as distinct capability areas. ## Tags ### Security & Cryptography - [Cryptographic Protocols](https://awesome-repositories.com/f/security-cryptography/cryptographic-protocols.md) — Implements the Signal Protocol to provide cryptographic primitives for secure messaging with forward secrecy and deniable authentication. - [Cryptographic State Machines](https://awesome-repositories.com/f/security-cryptography/cryptographic-state-machines.md) — Maintains cryptographic state across sessions with a state machine supporting recovery and out-of-order delivery. - [End-to-End Encrypted Messaging Frameworks](https://awesome-repositories.com/f/security-cryptography/end-to-end-encrypted-messaging-frameworks.md) — Provides fresh encryption keys for each message to ensure forward secrecy and future secrecy in messaging applications. - [End-to-End Encryption](https://awesome-repositories.com/f/security-cryptography/end-to-end-encryption.md) — Provides fresh encryption keys for each message to ensure forward secrecy and future secrecy. ([source](https://cdn.jsdelivr.net/gh/signalapp/libsignal@main/README.md)) - [End-to-End Encryption Protocols](https://awesome-repositories.com/f/security-cryptography/end-to-end-encryption-protocols.md) — Derives fresh encryption keys for each message to ensure forward secrecy and break-in recovery. - [Asynchronous Key Agreements](https://awesome-repositories.com/f/security-cryptography/key-agreement-protocols/asynchronous-key-agreements.md) — Implements the X3DH key agreement protocol for establishing shared secrets asynchronously between parties. - [Key Derivation Protocols](https://awesome-repositories.com/f/security-cryptography/key-derivation-protocols.md) — Derives fresh encryption keys for each message to maintain forward secrecy and break-in recovery. ([source](https://github.com/signalapp/libsignal/tree/main/doc/src)) - [Ratchet Protocols](https://awesome-repositories.com/f/security-cryptography/ratchet-protocols.md) — Implements the Double Ratchet algorithm for iteratively deriving fresh encryption keys per message. - [Cross-Platform Cryptographic Primitives](https://awesome-repositories.com/f/security-cryptography/cross-platform-cryptographic-primitives.md) — Exposes cryptographic primitives as platform-independent interfaces for consistent security logic across platforms. ([source](https://github.com/signalapp/libsignal/tree/main/doc/src)) - [Hardware Identity Attestations](https://awesome-repositories.com/f/security-cryptography/device-attestation-provisioning/hardware-identity-attestations.md) — Verifies identity and integrity of remote hardware security modules using cryptographic attestation. ([source](https://cdn.jsdelivr.net/gh/signalapp/libsignal@main/README.md)) - [Secure Device Migrations](https://awesome-repositories.com/f/security-cryptography/secure-device-migrations.md) — Transfers account data securely between devices during migration while preserving encryption keys. ([source](https://cdn.jsdelivr.net/gh/signalapp/libsignal@main/README.md)) - [Group Membership Proofs](https://awesome-repositories.com/f/security-cryptography/zero-knowledge-proof-frameworks/group-membership-proofs.md) — Implements zero-knowledge proof group membership verification to confirm membership without revealing the group roster. ### Development Tools & Productivity - [Hardware Attestation Verifiers](https://awesome-repositories.com/f/development-tools-productivity/attestation-verification-tools/hardware-attestation-verifiers.md) — Ships hardware attestation verification for validating remote hardware security module identity and integrity. ### Networking & Communication - [Private Membership Verifications](https://awesome-repositories.com/f/networking-communication/group-membership-control/private-membership-verifications.md) — Confirms group membership without revealing the full group composition using zero-knowledge proofs. ([source](https://cdn.jsdelivr.net/gh/signalapp/libsignal@main/README.md))