Paper 2020/684

How to (legally) keep secrets from mobile operators

Ghada Arfaoui, Olivier Blazy, Xavier Bultel, Pierre-Alain Fouque, Thibaut Jacques, Adina Nedelcu, and Cristina Onete


Secure-channel establishment allows two endpoints to communicate confidentially and authentically. Since they hide all data sent across them, good or bad, secure channels are often subject to mass surveillance in the name of (inter)national security. Some protocols are constructed to allow easy data interception . Others are designed to preserve data privacy and are either subverted or prohibited to use without trapdoors. We introduce LIKE, a primitive that provides secure-channel establishment with an exceptional, session-specific opening mechanism. Designed for mobile communications, where an operator forwards messages between the endpoints, it can also be used in other settings. LIKE allows Alice and Bob to establish a secure channel with respect to n authorities. If the authorities all agree on the need for interception, they can ensure that the session key is retrieved. As long as at least one honest authority prohibits interception, the key remains secure; moreover LIKE is versatile with respect to who learns the key. Furthermore, we guarantee non-frameability: nobody can falsely incriminate a user of taking part in a conversation; and honest-operator: if the operator accepts a transcript as valid, then the key retrieved by the authorities is the key that Alice and Bob should compute. Experimental results show that our protocol can be efficiently implemented.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.ESORICS 2021
Authenticated Key Exchangekey escrowlawful interception
Contact author(s)
cristina onete @ gmail com
pa fouque @ gmail com
2021-03-29: revised
2020-06-09: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ghada Arfaoui and Olivier Blazy and Xavier Bultel and Pierre-Alain Fouque and Thibaut Jacques and Adina Nedelcu and Cristina Onete},
      title = {How to (legally) keep secrets from mobile operators},
      howpublished = {Cryptology ePrint Archive, Paper 2020/684},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.