Off-topic encryption question.

Blastoidea

At what point in its creation is a text encrypted?

While you are typing it, or when you touch “send”?

missing-root

Depends on the implementation

If you see it, that text is not encrypted for sure

Blastoidea

I know that.

What I was getting at is, in order for the clear text to be intercepted, where do you have to grab it?

Does it encrypt letter by letter, or by blocks? Is it unencrypted until you send it?

Thinking of Signal and SimpleX Chat.

ryrona

Blastoidea Thinking of Signal and SimpleX Chat.

Message gets end-to-end encrypted to the recipient when you click Send, prior to the message being sent out on the network. While you are typing the message, nothing is sent out on the internet, or possibly only a "User is typing a message" notification, but no part of the actual message. No one on the network can ever intercept any part of your message unencrypted, not even Signal or SimpleX network owners.

Blastoidea Does it encrypt letter by letter, or by blocks?

The message is padded to hide the exact message size, and then encrypted as a whole. Some kind of message authentication code is also added to the message, so the recipient can verify the message really is from you and hasn't been tampered with during transit.

Hiding the message size using padding is important. If the message is only 2 characters long, anyone can guess you wrote either "hi" or "no", even if they cannot decrypt the message. But your messaging app will take care of that for you.

Blastoidea Is it unencrypted until you send it?

It is always unencrypted on your device. The message is shown on your screen, you can read it. Encryption is only used to prevent others on the internet from reading the message.

Totally independent from that, any data stored on your device will be encrypted with your device login credentials (PIN or password), to prevent an attacker with physical access to your device from accessing that message. But that has nothing with sending the messages to do.

Did this make it clearer?

thmf

Blastoidea What I was getting at is, in order for the clear text to be intercepted, where do you have to grab it?

ryrona It is always unencrypted on your device. The message is shown on your screen, you can read it. Encryption is only used to prevent others on the internet from reading the message.

It's a bit inaccurate. If we look at a wider attack surface than network, there are other options to retrieve messages in unencrypted form, for example messenger app's database or device's screen.
Regarding database encryption, see Molly's (hardened Signal fork) explanation here:
https://github.com/mollyim/mollyim-android/wiki/Data-Encryption-At-Rest
Signal's database stores the chats in encrypted form. In addition, Molly encrypts 'Shared Preferences' (whatever that is) with a passphrase. I'm a bit out of my depth here, but I think while the database file remains encrypted on device's storage, the data (e.g. chat messages) are unencrypted in RAM while the messenger app is running (this is the case you meant?).
Regarding the device's screen, if you can't get a screenshot of the message you need, you can, for example take a picture of someone's chat with another device. There's even no need to decrypt anything, since you have the message in plain text.