Popular instant messaging applications such as WhatsApp and Signal provide end-to-end encryption for billions of users. These applications often rely on a centralized, application-specific server to distribute public keys and relay encrypted messages between the users. As a result, they prevent passive attacks but are vulnerable to some active attacks. A malicious or hacked server can distribute fake keys to users to perform man-in-the-middle or impersonation attacks. While typical secure messaging applications provide a manual method for users to detect these attacks, this burdens users, and studies show it is ineffective in practice. This paper presents KTACA, a completely automated approach for key verification that is oblivious to users and easy to deploy. We motivate KTACA by designing two approaches to automatic key verification. One approach uses client auditing (KTCA) and the second uses anonymous key monitoring (AKM). Both have relatively inferior security properties, leading to KTACA, which combines these approaches to provide the best of both worlds. We provide a security analysis of each defense, identifying which attacks they can automatically detect. We implement the active attacks to demonstrate they are possible, and we also create a prototype implementation of all the defenses to measure their performance and confirm their feasibility. Finally, we discuss the strengths and weaknesses of each defense, the load they impose on clients and service providers, and their deployment considerations.
|Title of host publication||CCS 2022 - Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security|
|Publisher||Association for Computing Machinery|
|Number of pages||14|
|State||Published - 7 Nov 2022|
|Event||28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 - Los Angeles, United States|
Duration: 7 Nov 2022 → 11 Nov 2022
|Name||Proceedings of the ACM Conference on Computer and Communications Security|
|Conference||28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022|
|Period||7/11/22 → 11/11/22|
Bibliographical notePublisher Copyright:
© 2022 ACM.
- mitm attacks
- secure messaging