Efficient Ratcheting: Almost-Optimal Guarantees for Secure Messaging

In the era of mass surveillance and information breaches, the privacy of Internet communication, and of messaging in particular, is a growing concern. Because secure messaging protocols run on end-user devices that are themselves not secure, and because their sessions are long-lived, they aim to guarantee strong security even if secret state and local randomness are exposed.
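The following is an added example, not code from the paper, that makes the two exposure types named above concrete with a toy one-way KDF chain. It models only the symmetric part of a ratchet: each step derives a message key and the next chain key with HMAC-SHA256, and an optional "fresh" input stands in for the new secret a key-update step would contribute (in a real protocol that secret comes from a public-key exchange; here it is simply a random byte string both parties are assumed to share). The adversary model `adversary_view`, the constants `ROOT` and `INPUTS`, and the domain-separation labels are all assumptions of this example. It shows that exposing the chain state lets the adversary follow the chain forwards but not backwards (forward secrecy), that a step with fresh randomness the adversary does not know stops that (healing), and that if the local randomness of that step is exposed too, the step heals nothing.

```python
"""Toy KDF-chain ratchet under state and randomness exposure (added example,
not the paper's construction). Standard library only."""
import hashlib
import hmac
from typing import List, Optional, Set, Tuple

# Constructed inputs for the demonstration: a fixed 32-byte root key and a
# six-step schedule in which steps 2 and 4 mix in fresh randomness.
ROOT = bytes(32)
INPUTS: List[Optional[bytes]] = [None, None, b"fresh-A", None, b"fresh-B", None]


def kdf_step(chain_key: bytes, fresh: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Advance the chain by one step and return (next_chain_key, message_key).

    If `fresh` is given it is bound into the step first, so nobody who lacks it
    can compute this step's outputs even when they hold `chain_key`.
    """
    if fresh is not None:
        chain_key = hmac.new(chain_key, fresh, hashlib.sha256).digest()
    next_chain = hmac.new(chain_key, b"chain", hashlib.sha256).digest()
    message_key = hmac.new(chain_key, b"message", hashlib.sha256).digest()
    return next_chain, message_key


def run_chain(root: bytes, fresh_inputs: List[Optional[bytes]]) -> List[Tuple[bytes, bytes]]:
    """Honest party: derive (chain_key_after_step, message_key) for every step.

    Only the latest chain key is kept as state in a real implementation;
    message keys are deleted once used. The full list is returned here only so
    the adversary model can be checked against it.
    """
    out = []
    ck = root
    for fresh in fresh_inputs:
        ck, mk = kdf_step(ck, fresh)
        out.append((ck, mk))
    return out


def adversary_view(root: bytes, fresh_inputs: List[Optional[bytes]],
                   exposed_step: int, exposed_fresh: Set[int]) -> Set[int]:
    """Adversary who exposes the stored state right after `exposed_step` and
    additionally learns the fresh randomness of the steps in `exposed_fresh`.

    Returns the indices of the message keys the adversary can compute. Earlier
    keys are never in the set: the chain key is a one-way function of them, and
    the message key of the exposed step itself has already been deleted.
    """
    honest = run_chain(root, fresh_inputs)
    ck = honest[exposed_step][0]          # the captured state
    known: Set[int] = set()
    for i in range(exposed_step + 1, len(fresh_inputs)):
        fresh = fresh_inputs[i]
        if fresh is not None and i not in exposed_fresh:
            break                         # unknown fresh randomness: chain heals
        ck, mk = kdf_step(ck, fresh)
        assert mk == honest[i][1]         # adversary's derivation matches the honest one
        known.add(i)
    return known


def all_message_keys_distinct(root: bytes, fresh_inputs: List[Optional[bytes]]) -> bool:
    """Sanity check: every step yields a different message key."""
    keys = [mk for _, mk in run_chain(root, fresh_inputs)]
    return len(set(keys)) == len(keys)


if __name__ == "__main__":
    # State exposed after step 0, no randomness exposed: only step 1 falls.
    print("state only:        ", sorted(adversary_view(ROOT, INPUTS, 0, set())))
    # Randomness of step 2 also exposed: the chain is followed up to step 3.
    print("state + fresh-A:   ", sorted(adversary_view(ROOT, INPUTS, 0, {2})))
    # Both fresh inputs exposed: nothing ever heals.
    print("state + all fresh: ", sorted(adversary_view(ROOT, INPUTS, 0, {2, 4})))
```

The sets returned by `adversary_view` are the whole story: state exposure alone compromises keys only until the next step whose randomness the adversary lacks, and randomness exposure widens that window exactly by the steps whose fresh input leaked. The example does not model how the fresh secret is agreed or authenticated between the parties; that is the part of the problem the paper's protocols address.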
