SEEMless: Secure End-to-End Encrypted Messaging with less Trust

End-to-end encrypted messaging (E2E) is only secure if participants have a way to retrieve the correct public key for the desired recipient. However, to make these systems usable, users must be able to replace their keys (e.g. when they lose or reset their devices, or reinstall their app), and we cannot assume any cryptographic means of authenticating the new keys. In current E2E systems, the service provider manages the directory of public keys of its registered users; this allows a compromised or coerced service provider to introduce its own keys and execute a man-in-the-middle attack. Building on the approach of CONIKS (Melara et al., USENIX Security '15), we formalize the notion of a Privacy-Preserving Verifiable Key Directory (VKD): a system which allows users to monitor the keys that the service is distributing on their behalf. We then propose a new VKD scheme, which we call SEEMless, that improves on prior work in terms of privacy and scalability. In particular, our new approach allows key changes to take effect almost immediately; we show experimentally that our scheme easily supports delays of less than a minute, in contrast to previous work, which proposes a delay of one hour.
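The threat and the mitigation described above can be made concrete with a minimal verifiable key directory. The following is an added example, not code from the SEEMless paper or its authors: the provider commits to its whole directory with a Merkle tree and publishes the root each epoch, every lookup comes with an inclusion proof, and a user monitors the key the directory distributes under her own label. A provider that substitutes its own key for the user's is caught the next time she monitors. The names (`KeyDirectory`, `MonitoringClient`, the labels and the byte strings standing in for public keys) are all constructed for this illustration.

```python
import hashlib
from dataclasses import dataclass


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def leaf_hash(label: str, key: bytes) -> bytes:
    # Domain-separated leaf that binds the label to the key, so a proof
    # produced for one user's entry cannot be replayed for another label.
    lb = label.encode()
    return _h(b"\x00", len(lb).to_bytes(2, "big"), lb, key)


def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01", left, right)


def build_levels(leaves):
    # Bottom-up Merkle tree; odd levels are padded by duplicating the last
    # node. Returns every (padded) level, leaves first and root last.
    assert leaves, "directory must contain at least one entry"
    levels, cur = [], list(leaves)
    while True:
        if len(cur) > 1 and len(cur) % 2:
            cur = cur + [cur[-1]]
        levels.append(cur)
        if len(cur) == 1:
            return levels
        cur = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)]


def verify_inclusion(root: bytes, label: str, key: bytes, proof) -> bool:
    # proof: list of (sibling_hash, sibling_is_left) from leaf to root.
    h = leaf_hash(label, key)
    for sibling, sibling_is_left in proof:
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
    return h == root


class KeyDirectory:
    """Provider side: stores label -> public key, commits to it per epoch."""

    def __init__(self):
        self.keys = {}
        self.epoch = 0
        self.root = None
        self._labels, self._levels = [], []

    def set_key(self, label: str, key: bytes) -> None:
        self.keys[label] = key

    def publish_epoch(self):
        # Sorting by label gives a canonical tree for the same contents.
        self._labels = sorted(self.keys)
        self._levels = build_levels(
            [leaf_hash(l, self.keys[l]) for l in self._labels])
        self.root = self._levels[-1][0]
        self.epoch += 1
        return self.epoch, self.root

    def lookup(self, label: str):
        # Returns the key served for `label` and its proof against the
        # current root. Raises ValueError for unknown labels.
        i = self._labels.index(label)
        proof = []
        for level in self._levels[:-1]:
            proof.append((level[i ^ 1], i % 2 == 1))
            i //= 2
        return self.keys[label], proof


@dataclass
class MonitoringClient:
    """User side: checks what the directory distributes under her label."""
    label: str
    my_key: bytes

    def check_epoch(self, directory: KeyDirectory, published_root: bytes) -> str:
        key, proof = directory.lookup(self.label)
        if not verify_inclusion(published_root, self.label, key, proof):
            return "bad-proof"          # served key is not in the committed tree
        if key != self.my_key:
            return "key-substituted"    # provider is distributing a different key
        return "ok"


def demo():
    # Constructed scenario: three users, then a coerced provider swaps
    # alice's key for one it controls in the next epoch.
    d = KeyDirectory()
    for label, key in (("alice", b"alice-pk-1"), ("bob", b"bob-pk-1"),
                       ("carol", b"carol-pk-1")):
        d.set_key(label, key)
    alice = MonitoringClient("alice", b"alice-pk-1")
    _, root1 = d.publish_epoch()
    results = [alice.check_epoch(d, root1)]
    d.set_key("alice", b"mitm-pk")
    _, root2 = d.publish_epoch()
    results.append(alice.check_epoch(d, root2))
    return results


if __name__ == "__main__":
    print(demo())
```

Two points the example makes visible: the leaf hash must bind label and key, otherwise a proof for alice's entry verifies for bob's label; and monitoring only works if alice and bob see the same published root, so a real deployment also needs roots to be gossiped or audited so the provider cannot show each user a different tree. This sketch offers neither the privacy of labels and keys in proofs nor the cross-epoch consistency guarantees that the paper's VKD definition targets.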

[1] Michael J. Freedman, et al. CONIKS: Bringing Key Transparency to End Users, 2015, USENIX Security Symposium.

[2] Muneeb Ali, et al. Blockstack: A Global Naming and Storage System Secured by Blockchains, 2016, USENIX Annual Technical Conference.

[3] Arno Fiedler, et al. Certificate Transparency, 2014, Commun. ACM.

[4] Reza Rejaie, et al. Is content publishing in BitTorrent altruistic or profit-driven?, 2010, CoNEXT.

[5] Alina Oprea, et al. Authentic Time-Stamps for Archival Storage, 2009, ESORICS.

[6] Thomas Icart, et al. How to Hash into Elliptic Curves, 2009, IACR Cryptol. ePrint Arch.

[7] Melissa Chase, et al. Simulatable VRFs with Applications to Multi-theorem NIZK, 2007, CRYPTO.

[8] Silvio Micali, et al. Zero-knowledge sets, 2003, 44th Annual IEEE Symposium on Foundations of Computer Science (FOCS), Proceedings.

[9] Donald E. Knuth, et al. The Art of Computer Programming: Volume 3: Sorting and Searching, 1998.

[10] Donald E. Knuth, et al. The Art of Computer Programming: Sorting and Searching (Volume 3), 1973.

[11] Alptekin Küpçü, et al. Efficient Key Authentication Service for Secure End-to-End Communications, 2015, ProvSec.

[12] Marcos A. Kiwi, et al. Strong accumulators from collision-resistant hashing, 2008, International Journal of Information Security.

[13] Moses D. Liskov. Updatable Zero-Knowledge Databases, 2005, ASIACRYPT.

[14] Joseph Bonneau, et al. EthIKS: Using Ethereum to Audit a CONIKS Key Transparency Log, 2016, Financial Cryptography Workshops.

[15] Tal Malkin, et al. Mercurial Commitments with Applications to Zero-Knowledge Sets, 2005, Journal of Cryptology.

[16] Jan Camenisch, et al. Accumulators with Applications to Anonymity-Preserving Revocation, 2017, IEEE European Symposium on Security and Privacy (EuroS&P).

[17] Dan Boneh, et al. Certificate Transparency with Privacy, 2017, Proc. Priv. Enhancing Technol.

[18] Srinivas Devadas, et al. Catena: Efficient Non-equivocation via Bitcoin, 2017, IEEE Symposium on Security and Privacy (SP).

[19] Igor E. Shparlinski, et al. Indifferentiable deterministic hashing to elliptic and hyperelliptic curves, 2012, Math. Comput.

[20] Ian Goldberg, et al. Constant-Size Commitments to Polynomials and Their Applications, 2010, ASIACRYPT.