Multi-party off-the-record messaging

@inproceedings{Goldberg2009MultipartyOM,
  title={Multi-party off-the-record messaging},
  author={Ian Goldberg and Berkant Ustaoglu and Matthew Van Gundy and Hao Chen},
  booktitle={CCS},
  year={2009}
}
Most cryptographic algorithms provide a means for secret and authentic communication. However, under many circumstances, the ability to repudiate messages or deny a conversation is no less important than secrecy and authenticity. For whistleblowers, informants, political dissidents and journalists --- to name a few --- it is most important to have means for deniable conversation, where electronic communication must mimic face-to-face private meetings. Off-the-Record Messaging, proposed in 2004…
Improved group off-the-record messaging
TLDR
This work proposes an improved group OTR (GOTR) protocol that provides unconditional repudiability, and shows how to obtain data origin authentication given this level of repudiability.
mpENC Multi-Party Encrypted Messaging Protocol design document
TLDR
This document is a technical overview and discussion of the work, a protocol for secure group messaging, which provides everything needed to run a messaging session between real users on top of a real transport protocol.
On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees
TLDR
This work presents a design called Asynchronous Ratcheting Trees (ART), which uses tree-based Diffie-Hellman key exchange to allow a group of users to derive a shared symmetric key even if no two are ever online at the same time.
SoK: Secure Messaging
TLDR
This paper evaluates and systematizes current secure messaging solutions and proposes an evaluation framework for their security, usability, and ease-of-adoption properties, and identifies three key challenges and maps the design landscape for each: trust establishment, conversation security, and transport privacy.
A Cryptographic Look at Multi-party Channels
TLDR
A modular and yet efficient protocol that leverages (non-cryptographic) broadcast and standard cryptographic primitives to a full-fledged broadcast channel that provably meets the security notions put forth.
Weak and Strong Deniable Authenticated Encryption: On their Relationship and Applications
TLDR
It is shown that Bob can still securely authenticate messages from Alice after all his secret information is revealed to the adversary, but only when using a weakly (but not strongly) deniable scheme.
O2TR: Offline Off-the-Record (OTR) Messaging
TLDR
This work extends the conventional OTR into a new protocol named offline OTR, which enables the conversation parties to handle an offline message even when a session connection is lost, and provides an efficient session refreshment which is about 34% faster than the original OTR.
On the Relationship Between Weak and Strong Deniable Authenticated Encryption
TLDR
It is shown that Bob can still securely authenticate messages from Alice after all his secret information is revealed to the adversary, but only when using a weakly (but not strongly) deniable scheme.
With one it is easy, with many it gets complicated: Understanding Channel Security for Groups
TLDR
A set of formal definitions of security goals for broadcast communication is developed, capturing targets like confidentiality and authenticity, and an efficient protocol is designed that requires only reliable point-to-point links between users and a standard cryptographic building block, achieving all security goals defined in this paper.
A Comparison of Secure Messaging Protocols and Implementations
TLDR
This thesis investigates protocols for end-to-end encrypted instant messaging, focusing on the existing implementations of one of the recent and popular such protocols, called Signal, and analyzing the most used secure messaging applications.

References

SHOWING 1-10 OF 25 REFERENCES
Off-the-record communication, or, why not to use PGP
TLDR
This paper presents a protocol for secure online communication, called "off-the-record messaging", which has properties better-suited for casual conversation than do systems like PGP or S/MIME.
Off-the-Record Instant Messaging for Group Conversation
TLDR
This project implements an extension of the two-party OTR protocol, named Group OTR-GOTR, which enables users to have a free and secure multi-user communication environment with no proprietary software requirement.
Secure off-the-record messaging
TLDR
A security analysis of OTR is presented showing that, while the overall concept of the system is valid and attractive, the protocol suffers from security shortcomings due to the use of an insecure key-exchange protocol and other problematic design choices.
Improved user authentication in off-the-record messaging
TLDR
This work looks at improving the usability of Off-the-Record Messaging, a popular privacy plugin for instant messaging software, by using a solution to the Socialist Millionaires' Problem to provide the same level of privacy and authentication as in older versions of OTR, while no longer requiring that the user understand any difficult concepts such as keys or fingerprints.
Deniable authentication and key exchange
TLDR
It is remarked that the deniability of SKEME and SIGMA holds in a concurrent setting and does not essentially rely on the random oracle model.
Secure Public Instant Messaging
TLDR
This work presents the Instant Messaging Key Exchange (IMKE) protocol as a step towards secure IM, intended to be embedded in popular IM protocols, not to function as another independent messaging protocol.
A Protocol for Secure Public Instant Messaging
TLDR
This work presents the Instant Messaging Key Exchange (IMKE) protocol as a step towards secure IM, and based on the implementation of IMKE using the Jabber protocol, provides insights on how IMKE may be integrated with popular IM protocols.
Comparing the pre- and post-specified peer models for key agreement
TLDR
The Canetti-Krawczyk security models and definitions are enhanced to encompass a class of protocols that are executable and secure in both the pre- and post-specified peer models.
Deniable Encryption
TLDR
Simple constructions that transform sender-deniable schemes into receiver-deniable schemes and vice-versa are described, with respect to schemes that encrypt only one bit at a time.
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
TLDR
This work considers two possible notions of authenticity for authenticated encryption schemes, namely integrity of plaintexts and integrity of ciphertexts, and relates them to the standard notions of privacy IND-CCA and NM-CPA by presenting implications and separations between all notions considered.