CryptoDB
Continuous Authentication in Secure Messaging
| Authors: | |
|---|---|
| Download: | |
| Presentation: | Slides |
| Abstract: | Messaging schemes such as the Signal protocol rely on out-of-band channels to guarantee the authenticity of long-running communication. However those out-of-band checks may rarely be performed in practice. In this talk, we propose a method for performing continuous authentication during the communication, without needing an out-of-band channel. Leveraging the users' long-term secrets, our Authentication Steps extension guarantees authenticity as long as long-term secrets are not compromised, strengthening Signal's post-compromise security, and further allows to detect a potential compromise of long-term secrets after the fact via an out-of-band channel. Our protocol comes with a formal definition for continuous authentication and security proof, as well as a prototype implementation which seamlessly integrates on top of the official Signal Java library, together with bandwidth and storage overhead benchmarks. |
BibTeX
@misc{rwc-2022-35495,
title={Continuous Authentication in Secure Messaging},
note={Presentation at \url{https://iacr.org/submit/files/slides/2022/rwc/rwc2022/26/slides.pdf}},
howpublished={Talk given at RWC 2022},
author={Alexandre Poirrier and Benjamin Dowling and Felix Günther},
year=2022
}