Consider Signal Protocol #104
Description
This is possibly the best probable security system we can have in a messaging app albeit introduces complex book keeping and complexity, which can (and will be) exploited.
Our initial approach of using PKI and generating certificate on a new device and getting it signed by server is good enough. We can display a red/yellow/green indicator next to contacts to indicate their verification level and users can mail numbers/scan barcodes to improve verification with fellows. We can bundle new DH parameters with each message exchanged to refresh encryption token used for better forward secrecy.