Show simple item record

dc.contributor.author
Dowling, Benjamin
dc.contributor.author
Günther, Felix
dc.contributor.author
Poirrier, Alexandre
dc.contributor.editor
Atluri, Vijayalakshmi
dc.contributor.editor
Di Pietro, Roberto
dc.contributor.editor
Jensen, Christian D.
dc.contributor.editor
Meng, Weizhi
dc.date.accessioned
2022-10-27T07:27:35Z
dc.date.available
2022-08-09T15:03:28Z
dc.date.available
2022-08-10T13:20:06Z
dc.date.available
2022-10-27T07:27:35Z
dc.date.issued
2022
dc.identifier.isbn
978-3-031-17145-1
en_US
dc.identifier.isbn
978-3-031-17146-8
en_US
dc.identifier.issn
0302-9743
dc.identifier.issn
1611-3349
dc.identifier.other
10.1007/978-3-031-17146-8_18
en_US
dc.identifier.uri
http://hdl.handle.net/20.500.11850/562702
dc.description.abstract
Secure messaging schemes such as the Signal protocol rely on out-of-band channels to verify the authenticity of long-running communication. Such out-of-band checks however are only rarely actually performed by users in practice. In this paper, we propose a new method for performing continuous authentication during a secure messaging session, without the need for an out-of-band channel. Leveraging the users’ long-term secrets, our Authentication Steps extension guarantees authenticity as long as long-term secrets are not compromised, strengthening Signal’s post-compromise security. Our mechanism further allows to detect a potential compromise of long-term secrets after the fact via an out-of-band channel. Our protocol comes with a novel, formal security definition capturing continuous authentication, a general construction for Signal-like protocols, and a security proof for the proposed instantiation. We further provide a prototype implementation which seamlessly integrates on top of the official Signal Java library, together with bandwidth and storage overhead benchmarks.
en_US
dc.language.iso
en
en_US
dc.publisher
Springer
en_US
dc.subject
Secure messaging
en_US
dc.subject
Authentication
en_US
dc.subject
Compromise detection
en_US
dc.subject
Post-compromise security
en_US
dc.title
Continuous Authentication in Secure Messaging
en_US
dc.type
Conference Paper
dc.date.published
2022-09-22
ethz.book.title
Computer Security – ESORICS 2022
en_US
ethz.journal.title
Lecture Notes in Computer Science
ethz.journal.volume
13555
en_US
ethz.journal.abbreviated
LNCS
ethz.pages.start
361
en_US
ethz.pages.end
381
en_US
ethz.event
27th European Symposium on Research in Computer Security (ESORICS 2022)
en_US
ethz.event.location
Copenhagen, Denmark
en_US
ethz.event.date
September 26-30, 2022
en_US
ethz.identifier.wos
ethz.publication.place
Cham
en_US
ethz.publication.status
published
en_US
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit / Institute of Information Security::09653 - Paterson, Kenneth / Paterson, Kenneth
en_US
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit / Institute of Information Security::09653 - Paterson, Kenneth / Paterson, Kenneth
en_US
ethz.relation.hasPart
20.500.11850/474066
ethz.date.deposited
2022-08-09T15:03:35Z
ethz.source
FORM
ethz.eth
yes
en_US
ethz.availability
Metadata only
en_US
ethz.rosetta.installDate
2022-10-27T07:27:37Z
ethz.rosetta.lastUpdated
2022-10-27T07:27:37Z
ethz.rosetta.exportRequired
true
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=Continuous%20Authentication%20in%20Secure%20Messaging&rft.jtitle=Lecture%20Notes%20in%20Computer%20Science&rft.date=2022&rft.volume=13555&rft.spage=361&rft.epage=381&rft.issn=0302-9743&1611-3349&rft.au=Dowling,%20Benjamin&G%C3%BCnther,%20Felix&Poirrier,%20Alexandre&rft.isbn=978-3-031-17145-1&978-3-031-17146-8&rft.genre=proceeding&rft_id=info:doi/10.1007/978-3-031-17146-8_18&rft.btitle=Computer%20Security%20%E2%80%93%20ESORICS%202022
 Search print copy at ETH Library

Files in this item

FilesSizeFormatOpen in viewer

There are no files associated with this item.

Publication type

Show simple item record