Abstract
Although today’s most prevalent end-to-end encrypted messaging platforms using the Signal Protocol perform opportunistic encryption and provide resistance to eavesdropping, they are still vulnerable to impersonation attacks. We propose Trusted Introductions, a mechanism to transfer existing identity verifications between users, to increase resistance to active attacks. The proposal builds on the out-of-band user identity verification capabilities provided by the Signal Protocol. We argue that replacing user-managed identity keys in cryptographic systems with the concept of an introduction will increase users’ understanding and improve the usability of the verification mechanism. Current events underscore the need for anonymous introductions, which can be achieved based on the Signal Protocol’s properties of forward secrecy and repudiation.
We gratefully acknowledge support for this project from the Werner Siemens Stiftung (WSS) Centre for Cyber Trust at ETH Zurich. https://cyber-trust.org.
Acknowledgements
We gratefully acknowledge support for this project from the Werner Siemens Stiftung (WSS) Centre for Cyber Trust at ETH Zurich https://cyber-trust.org, and thank Giacomo Giuliari, François Wirz, Tsutomu Shimomura, and Kate O’Brien for their valued feedback.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Gloor, C., Perrig, A. (2023). Trusted Introductions for Secure Messaging. In: Stajano, F., Matyáš, V., Christianson, B., Anderson, J. (eds) Security Protocols XXVIII. Security Protocols 2023. Lecture Notes in Computer Science, vol 14186. Springer, Cham. https://doi.org/10.1007/978-3-031-43033-6_13
DOI: https://doi.org/10.1007/978-3-031-43033-6_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-43032-9
Online ISBN: 978-3-031-43033-6
eBook Packages: Computer Science (R0)