(2018) On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees.
Abstract
In the past few years secure messaging has become mainstream, with over a billion active users of end-to-end encryption protocols such as Signal. The Signal Protocol provides a strong property called post-compromise security to its users. However, it turns out that many of its implementations provide, without notification, a weaker property for group messaging: an adversary who compromises a single group member can read and inject messages indefinitely. We show for the first time that post-compromise security can be achieved in realistic, asynchronous group messaging systems. We present a design called Asynchronous Ratcheting Trees (ART), which uses tree-based Diffie-Hellman key exchange to allow a group of users to derive a shared symmetric key even if no two are ever online at the same time. ART scales to groups containing thousands of members, while still providing provable security guarantees. It has seen significant interest from industry, and forms the basis for two draft IETF RFCs and a chartered working group. Our results show that strong security guarantees for group messaging are practically achievable in a modern setting.
Item Type: | Conference or Workshop Item (A Paper) (Paper) |
---|---|
Divisions: | Unspecified |
Conference: | CCS ACM Conference on Computer and Communications Security |
Depositing User: | Cas Cremers |
Date Deposited: | 25 Jul 2018 11:03 |
Last Modified: | 17 Oct 2022 19:19 |
Primary Research Area: | NRA2: Reliable Security Guarantees |
URI: | https://publications.cispa.saarland/id/eprint/2636 |