Session Introduces Quantum-Resistant Encryption for 1M User Network

Session, an encrypted messaging app with over 1 million monthly users, introduced Protocol V2 on December 1. This update incorporates quantum-resistant encryption to safeguard against future quantum computing threats.

The app operates on approximately 1,500 independent computers instead of centralized servers, ensuring user anonymity.
Protocol V2 employs ML-KEM, a quantum-resistant encryption method also used by Signal and Apple's iMessage.
Perfect Forward Secrecy is reintroduced, preventing decryption of old messages even if current keys are compromised.

Technical Setup

Encryption keys rotate regularly, with each device having unique, non-transferrable keys.
Shared keys across devices for incoming messages also rotate, with old keys being deleted after a period.
Previous attempts in 2020 faced issues, leading to a complete infrastructure rebuild.

Network Details

Session transitioned to Arbitrum One in May, supported by a grant from the Arbitrum Foundation.
Network nodes are operated by community members who must lock 25,000 SESH tokens to run a node.
Node operators receive rewards from a pool distributing 14% annually, similar to proof-of-stake networks.
SESH launched with a total supply of 240 million tokens during the migration.
The network uses onion routing to maintain user anonymity.

The Session Technology Foundation, based in Zug, Switzerland, oversees the project. Full specifications for Protocol V2 will be released in 2026, as quantum computers capable of breaking Bitcoin encryption are not yet available.