Can a data requester get the sender when "Sealed sender" is enabled in Signal?

Question

The Signal app offers to seal the sender. The whole process can be summarized in the following steps:

1. The app encrypts the message using Signal Protocol, as usual.
2. Include the sender certificate and encrypted message in an envelope.
3. Encrypt the envelope using the sender and recipient identity keys.
4. Without authenticating, send the encrypted envelope to the Signal server along with the recipient's delivery token.
5. The message recipient can then decrypt the envelope by validating the identity key to know the sender of the message.

Is Signal able to give out the sender to a data requester, for example the FBI, with the mentioned process of sealing the sender?

Answer 1

In the blog post about the new feature, Signal says:

Message contents are end-to-end encrypted with the Signal Protocol as normal, but the “envelope” containing the sender certificate as well as the message ciphertext is then also encrypted using the sender and recipient identity keys:

The feature is designed to hide the sender of the message from plain view, and leaves this inside the encrypted envelope, so only the recipient and sender can know who actually sent the message.

So yes, it disallows Signal from knowing the sender of the message, yet allowing the recipient to know.

Answer 2

Hiding who is sending the message is indeed the intent of the feature. In many cases it should be effective, but as they note in their blog post, there are still improvements to be done:

These protocol changes are an incremental step, and we are continuing to work on improvements to Signal’s metadata resistance. In particular, additional resistance to traffic correlation via timing attacks and IP addresses are areas of ongoing development.

Take IP addresses for example. Suppose Alice often retrieves messages from a certain IP, and no other user has ever used that IP. It seems probable that a message sent from that IP to be delivered to Bob would be from Alice.