When a client downloads the application and logs into Silent Circle over TLS, the client sends a request to the registrar server to create a Long Term Identity Key and several pre-keys. The client holds the private key components for the Long Term Identity key and the pre-keys.
When a user sends a message to another user the server looks for all known devices for that username and sends the message to all the devices. Since each device has a unique Long Term Identity Key and a set of pre-keys, the message is encrypted and unencrypted for each message exchange. There is a new and unique key exchange with every message sent and received. This ensures perfect future secrecy. If a previously used key were somehow compromised, each new message would not be compromised because the keys are unique.
Additionally, sent messages are synchronized with each device known to the user. These are encrypted in the same way as messages sent from one user to another.
For example: Alice has an iPhone and an Android device provisioned with username Alice. Bob has two devices as well, an iPhone and an iPad. These are provisioned with the username Bob.
Alice sends a message “hello” from her Android device to Bob.
With the message, Alice sends a new key announcement.
Bob receives the message on both his iPhone and iPad, acknowledges the key from Alice and sends his own new key announcement.
Alice also sees her sent message synchronized with her iPhone.
When Bob replies, “good morning,” Alice sees the reply on both her iPhone and Android device. Each of her devices does the key exchange for every message.
If Alice’s iPhone were in airplane mode, she would first see the message delivered to her Android device, and would only see the message on her iPhone when it was taken out of airplane mode. The message will remain in the queue until her device is available.