You are here:   
  1. Home
  2. Chapters
  3. http://scigraph.springernature.com/pub.10.1007/978-3-030-17653-2_6

Efficient Ratcheting: Almost-Optimal Guarantees for Secure Messaging View Full Text

Ontology type: schema:Chapter     


Chapter Info

DATE

2019-04-18

AUTHORS

Daniel Jost , Ueli Maurer , Marta Mularczyk

ABSTRACT

In the era of mass surveillance and information breaches, privacy of Internet communication, and messaging in particular, is a growing concern. As secure messaging protocols are executed on the not-so-secure end-user devices, and because their sessions are long-lived, they aim to guarantee strong security even if secret states and local randomness can be exposed.The most basic security properties, including forward secrecy, can be achieved using standard techniques such as authenticated encryption. Modern protocols, such as Signal, go one step further and additionally provide the so-called backward secrecy, or healing from state exposures. These additional guarantees come at the price of a moderate efficiency loss (they require public-key primitives).On the opposite side of the security spectrum are the works by Jaeger and Stepanovs and by Poettering and Rösler, which characterize the optimal security a secure-messaging scheme can achieve. However, their proof-of-concept constructions suffer from an extreme efficiency loss compared to Signal. Moreover, this caveat seems inherent.This paper explores the area in between: our starting point are the basic, efficient constructions, and then we ask how far we can go towards the optimal security without losing too much efficiency. We present a construction with guarantees much stronger than those achieved by Signal, and slightly weaker than optimal, yet its efficiency is closer to that of Signal (only standard public-key cryptography is used).On a technical level, achieving optimal guarantees inherently requires key-updating public-key primitives, where the update information is allowed to be public. We consider secret update information instead. Since a state exposure temporally breaks confidentiality, we carefully design such secretly-updatable primitives whose security degrades gracefully if the supposedly secret update information leaks. More... »

PAGES

159-188

Book

TITLE

Advances in Cryptology – EUROCRYPT 2019

ISBN

978-3-030-17652-5
978-3-030-17653-2

Subjects

  • FOR: Information And Computing Sciences
  • FOR: Data Format

    • Author Affiliations

  • Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland

    • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-030-17653-2_6

    DOI

    http://dx.doi.org/10.1007/978-3-030-17653-2_6

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1114220768

    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT 

    [
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Jost", 
        "givenName": "Daniel", 
        "id": "sg:person.013356446515.02", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013356446515.02"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Maurer", 
        "givenName": "Ueli", 
        "id": "sg:person.01316567627.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Mularczyk", 
        "givenName": "Marta", 
        "id": "sg:person.013734432247.31", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013734432247.31"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2019-04-18", 
    "datePublishedReg": "2019-04-18", 
    "description": "In the era of mass surveillance and information breaches, privacy of Internet communication, and messaging in particular, is a growing concern. As secure messaging protocols are executed on the not-so-secure end-user devices, and because their sessions are long-lived, they aim to guarantee strong security even if secret states and local randomness can be exposed.The most basic security properties, including forward secrecy, can be achieved using standard techniques such as authenticated encryption. Modern protocols, such as Signal, go one step further and additionally provide the so-called backward secrecy, or healing from state exposures. These additional guarantees come at the price of a moderate efficiency loss (they require public-key primitives).On the opposite side of the security spectrum are the works by Jaeger and Stepanovs and by Poettering and R\u00f6sler, which characterize the optimal security a secure-messaging scheme can achieve. However, their proof-of-concept constructions suffer from an extreme efficiency loss compared to Signal. Moreover, this caveat seems inherent.This paper explores the area in between: our starting point are the basic, efficient constructions, and then we ask how far we can go towards the optimal security without losing too much efficiency. We present a construction with guarantees much stronger than those achieved by Signal, and slightly weaker than optimal, yet its efficiency is closer to that of Signal (only standard public-key cryptography is used).On a technical level, achieving optimal guarantees inherently requires key-updating public-key primitives, where the update information is allowed to be public. We consider secret update information instead. Since a state exposure temporally breaks confidentiality, we carefully design such secretly-updatable primitives whose security degrades gracefully if the supposedly secret update information leaks.", 
    "editor": [
      {
        "familyName": "Ishai", 
        "givenName": "Yuval", 
        "type": "Person"
      }, 
      {
        "familyName": "Rijmen", 
        "givenName": "Vincent", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-17653-2_6", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-030-17652-5", 
        "978-3-030-17653-2"
      ], 
      "name": "Advances in Cryptology \u2013 EUROCRYPT 2019", 
      "type": "Book"
    }, 
    "keywords": [
      "end-user devices", 
      "update information", 
      "optimal security", 
      "secure messaging protocols", 
      "optimal guarantees", 
      "basic security properties", 
      "public-key primitives", 
      "backward secrecy", 
      "messaging protocol", 
      "moderate efficiency loss", 
      "Internet communication", 
      "strong security", 
      "security properties", 
      "forward secrecy", 
      "information leaks", 
      "information breach", 
      "security degrades", 
      "security spectrum", 
      "secure messaging", 
      "mass surveillance", 
      "secret state", 
      "guarantees", 
      "efficiency loss", 
      "security", 
      "primitives", 
      "efficient construction", 
      "technical level", 
      "secrecy", 
      "modern protocols", 
      "state exposure", 
      "protocol", 
      "signals", 
      "additional guarantees", 
      "efficiency", 
      "encryption", 
      "privacy", 
      "Poettering", 
      "devices", 
      "information", 
      "confidentiality", 
      "communication", 
      "messaging", 
      "local randomness", 
      "breach", 
      "degrades", 
      "concept construction", 
      "scheme", 
      "construction", 
      "starting point", 
      "properties", 
      "standard techniques", 
      "proof", 
      "randomness", 
      "spectra", 
      "technique", 
      "surveillance", 
      "loss", 
      "work", 
      "paper", 
      "step", 
      "era", 
      "opposite side", 
      "R\u00f6sler", 
      "area", 
      "point", 
      "concern", 
      "sessions", 
      "state", 
      "side", 
      "prices", 
      "leak", 
      "caveats", 
      "healing", 
      "exposure", 
      "levels", 
      "Stepanov", 
      "Jaeger"
    ], 
    "name": "Efficient Ratcheting: Almost-Optimal Guarantees for Secure Messaging", 
    "pagination": "159-188", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1114220768"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-17653-2_6"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-17653-2_6", 
      "https://app.dimensions.ai/details/publication/pub.1114220768"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:44", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_265.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-17653-2_6"
  }
]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON. 

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-17653-2_6'

    N-Triples is a line-based linked data format ideal for batch operations. 

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-17653-2_6'

    Turtle is a human-readable linked data format. 

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-17653-2_6'

    RDF/XML is a standard XML format for linked data. 

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-17653-2_6'


     

    This table displays all metadata directly associated to this object as RDF triples.

    156 TRIPLES      23 PREDICATES      102 URIs      95 LITERALS      7 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-030-17653-2_6 schema:about anzsrc-for:08
    2 anzsrc-for:0804
    3 schema:author N1acc022b071c4b8da58fc7c7d18e9cf3
    4 schema:datePublished 2019-04-18
    5 schema:datePublishedReg 2019-04-18
    6 schema:description In the era of mass surveillance and information breaches, privacy of Internet communication, and messaging in particular, is a growing concern. As secure messaging protocols are executed on the not-so-secure end-user devices, and because their sessions are long-lived, they aim to guarantee strong security even if secret states and local randomness can be exposed.The most basic security properties, including forward secrecy, can be achieved using standard techniques such as authenticated encryption. Modern protocols, such as Signal, go one step further and additionally provide the so-called backward secrecy, or healing from state exposures. These additional guarantees come at the price of a moderate efficiency loss (they require public-key primitives).On the opposite side of the security spectrum are the works by Jaeger and Stepanovs and by Poettering and Rösler, which characterize the optimal security a secure-messaging scheme can achieve. However, their proof-of-concept constructions suffer from an extreme efficiency loss compared to Signal. Moreover, this caveat seems inherent.This paper explores the area in between: our starting point are the basic, efficient constructions, and then we ask how far we can go towards the optimal security without losing too much efficiency. We present a construction with guarantees much stronger than those achieved by Signal, and slightly weaker than optimal, yet its efficiency is closer to that of Signal (only standard public-key cryptography is used).On a technical level, achieving optimal guarantees inherently requires key-updating public-key primitives, where the update information is allowed to be public. We consider secret update information instead. Since a state exposure temporally breaks confidentiality, we carefully design such secretly-updatable primitives whose security degrades gracefully if the supposedly secret update information leaks.
    7 schema:editor N1bef018e34cf4861809c2f144b1638ca
    8 schema:genre chapter
    9 schema:inLanguage en
    10 schema:isAccessibleForFree false
    11 schema:isPartOf Nf879ca9421e64abcbd606f470381a7c9
    12 schema:keywords Internet communication
    13 Jaeger
    14 Poettering
    15 Rösler
    16 Stepanov
    17 additional guarantees
    18 area
    19 backward secrecy
    20 basic security properties
    21 breach
    22 caveats
    23 communication
    24 concept construction
    25 concern
    26 confidentiality
    27 construction
    28 degrades
    29 devices
    30 efficiency
    31 efficiency loss
    32 efficient construction
    33 encryption
    34 end-user devices
    35 era
    36 exposure
    37 forward secrecy
    38 guarantees
    39 healing
    40 information
    41 information breach
    42 information leaks
    43 leak
    44 levels
    45 local randomness
    46 loss
    47 mass surveillance
    48 messaging
    49 messaging protocol
    50 moderate efficiency loss
    51 modern protocols
    52 opposite side
    53 optimal guarantees
    54 optimal security
    55 paper
    56 point
    57 prices
    58 primitives
    59 privacy
    60 proof
    61 properties
    62 protocol
    63 public-key primitives
    64 randomness
    65 scheme
    66 secrecy
    67 secret state
    68 secure messaging
    69 secure messaging protocols
    70 security
    71 security degrades
    72 security properties
    73 security spectrum
    74 sessions
    75 side
    76 signals
    77 spectra
    78 standard techniques
    79 starting point
    80 state
    81 state exposure
    82 step
    83 strong security
    84 surveillance
    85 technical level
    86 technique
    87 update information
    88 work
    89 schema:name Efficient Ratcheting: Almost-Optimal Guarantees for Secure Messaging
    90 schema:pagination 159-188
    91 schema:productId N03b8ca54aeae4fbb954740763de3e38e
    92 N982c6f7b9491444d9d75bb336121a0ce
    93 schema:publisher N2c1025435c4c4e3eb243bb9abd359b1f
    94 schema:sameAs https://app.dimensions.ai/details/publication/pub.1114220768
    95 https://doi.org/10.1007/978-3-030-17653-2_6
    96 schema:sdDatePublished 2022-05-20T07:44
    97 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    98 schema:sdPublisher N896dadc49da0411588440f1576f1503b
    99 schema:url https://doi.org/10.1007/978-3-030-17653-2_6
    100 sgo:license sg:explorer/license/
    101 sgo:sdDataset chapters
    102 rdf:type schema:Chapter
    103 N03b8ca54aeae4fbb954740763de3e38e schema:name dimensions_id
    104 schema:value pub.1114220768
    105 rdf:type schema:PropertyValue
    106 N1acc022b071c4b8da58fc7c7d18e9cf3 rdf:first sg:person.013356446515.02
    107 rdf:rest N723377aacfa8410c9b708cfc2ed3b01b
    108 N1bef018e34cf4861809c2f144b1638ca rdf:first N52e1b8e9ed364daba2831d544b4459ac
    109 rdf:rest Ndb2077ed95954a67893bd8f482436ded
    110 N2c1025435c4c4e3eb243bb9abd359b1f schema:name Springer Nature
    111 rdf:type schema:Organisation
    112 N50879e71a72e4616b342ade0cddac8ee rdf:first sg:person.013734432247.31
    113 rdf:rest rdf:nil
    114 N52e1b8e9ed364daba2831d544b4459ac schema:familyName Ishai
    115 schema:givenName Yuval
    116 rdf:type schema:Person
    117 N723377aacfa8410c9b708cfc2ed3b01b rdf:first sg:person.01316567627.91
    118 rdf:rest N50879e71a72e4616b342ade0cddac8ee
    119 N896dadc49da0411588440f1576f1503b schema:name Springer Nature - SN SciGraph project
    120 rdf:type schema:Organization
    121 N982c6f7b9491444d9d75bb336121a0ce schema:name doi
    122 schema:value 10.1007/978-3-030-17653-2_6
    123 rdf:type schema:PropertyValue
    124 Nbe9c613f1d0d41aa85f6194fe93b4965 schema:familyName Rijmen
    125 schema:givenName Vincent
    126 rdf:type schema:Person
    127 Ndb2077ed95954a67893bd8f482436ded rdf:first Nbe9c613f1d0d41aa85f6194fe93b4965
    128 rdf:rest rdf:nil
    129 Nf879ca9421e64abcbd606f470381a7c9 schema:isbn 978-3-030-17652-5
    130 978-3-030-17653-2
    131 schema:name Advances in Cryptology – EUROCRYPT 2019
    132 rdf:type schema:Book
    133 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    134 schema:name Information and Computing Sciences
    135 rdf:type schema:DefinedTerm
    136 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
    137 schema:name Data Format
    138 rdf:type schema:DefinedTerm
    139 sg:person.01316567627.91 schema:affiliation grid-institutes:grid.5801.c
    140 schema:familyName Maurer
    141 schema:givenName Ueli
    142 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91
    143 rdf:type schema:Person
    144 sg:person.013356446515.02 schema:affiliation grid-institutes:grid.5801.c
    145 schema:familyName Jost
    146 schema:givenName Daniel
    147 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013356446515.02
    148 rdf:type schema:Person
    149 sg:person.013734432247.31 schema:affiliation grid-institutes:grid.5801.c
    150 schema:familyName Mularczyk
    151 schema:givenName Marta
    152 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013734432247.31
    153 rdf:type schema:Person
    154 grid-institutes:grid.5801.c schema:alternateName Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland
    155 schema:name Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland
    156 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)

    ...