Cryptology ePrint Archive: Report 2016/1028

Ratcheted Encryption and Key Exchange: The Security of Messaging

Mihir Bellare and Asha Camper Singh and Joseph Jaeger and Maya Nyayapati and Igors Stepanovs

Abstract: We aim to understand, formalize and provably achieve the goals underlying the core key-ratcheting technique of Borisov, Goldberg and Brewer, extensions of which are now used in secure messaging systems. We give syntax and security definitions for ratcheted encryption and key-exchange. We give a proven-secure protocol for ratcheted key exchange. We then show how to generically obtain ratcheted encryption from ratcheted key-exchange and standard encryption.

Category / Keywords: cryptographic protocols / symmetric encryption, forward security, backward security, authenticated key exchange, Diffie-Hellman, Off-the-Record Messaging protocol, Signal protocol

Original Publication (with major differences): IACR-CRYPTO-2017

Date: received 30 Oct 2016, last revised 5 Jun 2017

Contact author: istepano at eng ucsd edu

Available format(s): PDF | BibTeX Citation

Version: 20170605:201713 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]