Paper 2020/808
Security Analysis of Olvid's SAS-based Trust Establishment Protocol
Michel Abdalla
Abstract
In this report, we analyze the security of the trust establishment protocol used in the Olvid messaging protocol. The latter relies on the PV-SAS-MCA message cross-authentication protocol by Pasini an Vaudenay based on short authenticated strings (SAS). In order to make the implementation portable across different platforms, Olvid proposed particular instantiations of the underlying primitives used in PV-SAS-MCA in addition to some other minor modifications. Here, we show that these changes have no impact on the security of the scheme. More precisely, we formally prove that the trust establishment protocol used in Olvid is a secure message cross-authentication protocol. The proof of security is in the random-oracle model and relies on the security of the underlying pseudorandom generator. It also assumes users know each other and have an authentic channel between them.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Contact author(s)
- michel abdalla @ ens fr
- History
- 2020-06-30: received
- Short URL
- https://ia.cr/2020/808
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/808, author = {Michel Abdalla}, title = {Security Analysis of Olvid's {SAS}-based Trust Establishment Protocol}, howpublished = {Cryptology {ePrint} Archive, Paper 2020/808}, year = {2020}, url = {https://eprint.iacr.org/2020/808} }