Paper 2022/1215

Continuous Authentication in Secure Messaging

Benjamin Dowling, University of Sheffield
Felix Günther, ETH Zurich
Alexandre Poirrier, Computer Science Laboratory of the École Polytechnique, Direction Générale de l'Armement
Abstract

Secure messaging schemes such as the Signal protocol rely on out-of-band channels to verify the authenticity of long-running communication. Such out-of-band checks however are only rarely actually performed by users in practice. In this paper, we propose a new method for performing continuous authentication during a secure messaging session, without the need for an out-of-band channel. Leveraging the users' long-term secrets, our Authentication Steps extension guarantees authenticity as long as long-term secrets are not compromised, strengthening Signal's post-compromise security. Our mechanism further allows to detect a potential compromise of long-term secrets after the fact via an out-of-band channel. Our protocol comes with a novel, formal security definition capturing continuous authentication, a general construction for Signal-like protocols, and a security proof for the proposed instantiation. We further provide a prototype implementation which seamlessly integrates on top of the official Signal Java library, together with bandwidth and storage overhead benchmarks.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ESORICS 2022
DOI
10.1007/978-3-031-17146-8_18
Keywords
Secure messaging Authentication Compromise detection Post-compromise security
Contact author(s)
b dowling @ sheffield ac uk
mail @ felixguenther info
alexandre poirrier @ polytechnique org
History
2022-09-14: approved
2022-09-13: received
See all versions
Short URL
https://ia.cr/2022/1215
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/1215,
      author = {Benjamin Dowling and Felix Günther and Alexandre Poirrier},
      title = {Continuous Authentication in Secure Messaging},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1215},
      year = {2022},
      doi = {10.1007/978-3-031-17146-8_18},
      url = {https://eprint.iacr.org/2022/1215}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.