Continuous Authentication in Secure Messaging
METADATA ONLY
Loading...
Author / Producer
Date
2022
Publication Type
Conference Paper
ETH Bibliography
yes
Citations
Altmetric
METADATA ONLY
Data
Rights / License
Abstract
Secure messaging schemes such as the Signal protocol rely on out-of-band channels to verify the authenticity of long-running communication. Such out-of-band checks however are only rarely actually performed by users in practice.
In this paper, we propose a new method for performing continuous authentication during a secure messaging session, without the need for an out-of-band channel. Leveraging the users’ long-term secrets, our Authentication Steps extension guarantees authenticity as long as long-term secrets are not compromised, strengthening Signal’s post-compromise security. Our mechanism further allows to detect a potential compromise of long-term secrets after the fact via an out-of-band channel.
Our protocol comes with a novel, formal security definition capturing continuous authentication, a general construction for Signal-like protocols, and a security proof for the proposed instantiation. We further provide a prototype implementation which seamlessly integrates on top of the official Signal Java library, together with bandwidth and storage overhead benchmarks.
Permanent link
Publication status
published
External links
Book title
Computer Security – ESORICS 2022
Journal / series
Volume
13555
Pages / Article No.
361 - 381
Publisher
Springer
Event
27th European Symposium on Research in Computer Security (ESORICS 2022)
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
Secure messaging; Authentication; Compromise detection; Post-compromise security
Organisational unit
09653 - Paterson, Kenneth / Paterson, Kenneth
Notes
Funding
Related publications and datasets
Has part: