Cryptology ePrint Archive: Report 2019/965

Beyond Security and Efficiency: On-Demand Ratcheting with Security Awareness

Andrea Caforio and F Betül Durak and Serge Vaudenay

Abstract: Secure asynchronous two-party communication applies ratcheting to strengthen privacy, in the presence of internal state exposures. Security with ratcheting is provided in two forms: forward security and post-compromise security. There have been several such secure protocols proposed in the last few years. However, they come with a high cost.

In this paper, we propose two generic constructions with favorable properties. Concretely, our first construction achieves security awareness. It allows users to detect non-persistent active attacks, to determine which messages are not safe given a potential leakage pattern, and to acknowledge for deliveries.

In our second construction, we define a hybrid system formed by combining two protocols: typically, a weakly secure "light" protocol and a strongly secure "heavy" protocol. The design goals of our hybrid construction are, first, to let the sender decide which one to use in order to obtain an efficient protocol with ratchet on demand; and second, to restore the communication between honest participants in the case of a message loss or an active attack.

We can apply our generic constructions to any existing protocol.

Category / Keywords: cryptographic protocols / secure communication, post-compromise security, ratchet

Original Publication (with minor differences): IACR-PKC-2021

Date: received 24 Aug 2019, last revised 10 May 2021

Contact author: serge vaudenay at epfl ch, durakfbetul at gmail com, andrea caforio at epfl ch

Available format(s): PDF | BibTeX Citation

Version: 20210510:115920 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]