Paper 2019/1363

Multi-Device for Signal

Sébastien Campion, Julien Devigne, Céline Duguey, and Pierre-Alain Fouque

Abstract

Nowadays, we spend our life juggling with many devices such as smartphones, tablets or laptops, and we expect to easily and efficiently switch between them without losing time or security. However, most applications have been designed for single device usage. This is the case for secure instant messaging (SIM) services based on the Signal protocol, that implements the Double Ratchet key exchange algorithm. While some adaptations, like the Sesame protocol released by the developers of Signal, have been proposed to fix this usability issue, they have not been designed as specific multi-device solutions and no security model has been formally defined either. In addition, even though the group key exchange problematic appears related to the multi-device case, group solutions are too generic and do not take into account some properties of the multi-device setting.Indeed, the fact that all devices belong to a single user can be exploited to build more efficient solutions. In this paper, we propose a Multi-Device Instant Messaging protocol based on Signal, ensuring all the security properties of the original Signal.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. ACNS2020
Keywords
Secure Instant MessagingRatchetingMulti-Device
Contact author(s)
celine duguey @ irisa fr
History
2019-11-27: received
Short URL
https://ia.cr/2019/1363
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/1363,
      author = {Sébastien Campion and Julien Devigne and Céline Duguey and Pierre-Alain Fouque},
      title = {Multi-Device for Signal},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1363},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/1363}},
      url = {https://eprint.iacr.org/2019/1363}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.