Cryptology ePrint Archive: Report 2016/1028

Ratcheted Encryption and Key Exchange: The Security of Messaging

Mihir Bellare and Asha Camper Singh and Joseph Jaeger and Maya Nyayapati and Igors Stepanovs

Abstract: We aim to understand, formalize and provably achieve the goals underlying the core key-ratcheting technique of Borisov, Goldberg and Brewer, extensions of which are now used in secure messaging systems. We give syntax and security definitions for ratcheted encryption and key-exchange. We give a proven-secure protocol for ratcheted key exchange. We then show how to generically obtain ratcheted encryption from ratcheted key-exchange and standard encryption.

Category / Keywords: cryptographic protocols / symmetric encryption, forward security, backward security, authenticated key exchange, Diffie-Hellman, Off-the-Record Messaging protocol, Signal protocol

Original Publication (with major differences): IACR-CRYPTO-2017

Date: received 30 Oct 2016, last revised 15 Mar 2019

Contact author: istepano at eng ucsd edu

Note: Fixed the upper bounds provided for the security of ODHE in ROM assumption in Appendix A.

Version: 20190316:020211
