We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.
The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.Category / Keywords: secure messaging, post compromise, transparency, key usage detection Date: received 21 May 2015, last revised 27 Aug 2016 Contact author: J Yu Research at gmail com Available format(s): PDF | BibTeX Citation Version: 20160827:120501 (All versions of this report) Short URL: ia.cr/2015/486 Discussion forum: Show discussion | Start new discussion