Cryptology ePrint Archive: Report 2020/808

Security Analysis of Olvid's SAS-based Trust Establishment Protocol

Michel Abdalla

Abstract: In this report, we analyze the security of the trust establishment protocol used in the Olvid messaging protocol. The latter relies on the PV-SAS-MCA message cross-authentication protocol by Pasini an Vaudenay based on short authenticated strings (SAS). In order to make the implementation portable across different platforms, Olvid proposed particular instantiations of the underlying primitives used in PV-SAS-MCA in addition to some other minor modifications. Here, we show that these changes have no impact on the security of the scheme. More precisely, we formally prove that the trust establishment protocol used in Olvid is a secure message cross-authentication protocol. The proof of security is in the random-oracle model and relies on the security of the underlying pseudorandom generator. It also assumes users know each other and have an authentic channel between them.

Category / Keywords: cryptographic protocols /

Date: received 29 Jun 2020

Contact author: michel abdalla at ens fr

Available format(s): PDF | BibTeX Citation

Version: 20200630:130311 (All versions of this report)

Short URL: ia.cr/2020/808


[ Cryptology ePrint archive ]