Paper 2020/808

Security Analysis of Olvid's SAS-based Trust Establishment Protocol

Michel Abdalla

Abstract

In this report, we analyze the security of the trust establishment protocol used in the Olvid messaging protocol. The latter relies on the PV-SAS-MCA message cross-authentication protocol by Pasini and Vaudenay based on short authenticated strings (SAS). In order to make the implementation portable across different platforms, Olvid proposed particular instantiations of the underlying primitives used in PV-SAS-MCA in addition to some other minor modifications. Here, we show that these changes have no impact on the security of the scheme. More precisely, we formally prove that the trust establishment protocol used in Olvid is a secure message cross-authentication protocol. The proof of security is in the random-oracle model and relies on the security of the underlying pseudorandom generator. It also assumes users know each other and have an authentic channel between them.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint. MINOR revision.
Contact author(s): michel abdalla @ ens fr
History: 2020-06-30: received
Short URL: https://ia.cr/2020/808
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2020/808,
      author = {Michel Abdalla},
      title = {Security Analysis of Olvid's SAS-based Trust Establishment Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2020/808},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/808}},
      url = {https://eprint.iacr.org/2020/808}
}