SoK: Secure Messaging

  title={SoK: Secure Messaging},
  author={Nik Unger and Sergej Dechand and Joseph Bonneau and Sascha Fahl and Henning Perl and Ian Goldberg and Matthew Smith},
  journal={2015 IEEE Symposium on Security and Privacy},
Motivated by recent revelations of widespread state surveillance of personal communication, many solutions now claim to offer secure and private messaging. This includes both a large number of new projects and many widely adopted tools that have added security features. The intense pressure in the past two years to deliver solutions quickly has resulted in varying threat models, incomplete objectives, dubious security claims, and a lack of broad perspective on the existing cryptographic… 

Tables from this paper

Poster: Can Johnny Authenticate?

A between-subjects study is conducted to analyze in detail how well users can locate and complete the authentication ceremony when they are aware of the need for authentication, and finds differences in key verification success rates.

SoK: Securing Email -- A Stakeholder-Based Analysis (Extended Version)

The tussle among stakeholders is used to explain the evolution of fragmented secure email solutions undertaken by industry, academia, and independent developers, and it is concluded that a one-size-fits-all solution is unlikely.

Deniable Key Exchanges for Secure Messaging

Spawn is introduced, the first non-interactive DAKE that offers forward secrecy and achieves deniability against both offline and online judges and an interactive dual-receiver cryptosystem that can improve the performance of the only existing interactive DAKE with competitive security properties is introduced.

Privacy and data protection in smartphone messengers

This paper analyzed the most prominent messenger apps with respect to privacy concepts, focusing not only on the transmission layer regarding the support of encrypted communication, but also attacks targeting the communication metadata, e.g. detecting the existence of communication between users.

A Comparison of Secure Messaging Protocols and Implementations

This thesis investigates protocols for end-to-end encrypted instant messaging, focusing on the existing implementations of one of the recent and popular such protocols, called Signal, and analyzing the most used secure messaging applications.

Usable Authentication Ceremonies in Secure Instant Messaging

A novel, explicitly user-oriented design process is called for to connect the ceremony design with the users’ mental models and to illustrate the user-centered design approach, three example ceremonies based on the users' suggestions and their security evaluation are provided.

Practical Traffic Analysis Attacks on Secure Messaging Applications

This paper devise traffic analysis attacks that enable an adversary to identify administrators as well as members of target IM channels with high accuracies, and designed and deployed an open-source, publicly available countermeasure system, called IMProxy, that can be used by IM clients with no need for any support from IM providers.

SoK: Securing Email - A Stakeholder-Based Analysis

A fresh look at the state of secure email is taken and open problems in the area are discussed.

Obstacles to the Adoption of Secure Communication Tools

It is found that the adoption of secure communication tools is hindered by fragmented user bases and incompatible tools, and the vast majority of participants did not understand the essential concept of end-to-end encryption, limiting their motivation to adopt secure tools.

Systematization of Threats and Requirements for Private Messaging with Untrusted Servers: The Case of e-Mailing and Instant Messaging

A list of threats against message delivering, archiving, and contact synchronization and a list of requirements intended for whom undertakes the task of implementing secure and private messaging are described.



How Secure is TextSecure?

It is formally prove that - if key registration is assumed to be secure - TextSecure's push messaging can indeed achieve most of the claimed security goals.

SafeSlinger: easy-to-use and secure public-key exchange

SafeSlinger is a system leveraging the proliferation of smartphones to enable people to securely and privately exchange their public keys, which establishes a secure channel offering secrecy and authenticity, which is used to support secure messaging and file exchange.

Off-the-record communication, or, why not to use PGP

This paper presents a protocol for secure online communication, called "off-the-record messaging", which has properties better-suited for casual conversation than do systems like PGP or S/MIME.

Secure Group Instant Messaging Using Cryptographic Primitives

A scheme, IBECRT, is proposed, which uses ID-based encryption and the Chinese Remainder Theorem, and achieves uniform work-load distribution and hiding the users' identity in a conference, authentication of senders, and integrity protection of the messages exchanged.

Johnny 2: a user test of key continuity management with S/MIME and Outlook Express

The first user study of KCM-secured email is presented, conducted on naïve users who had no previous experience with secure email, and concludes that KCM is a workable model for improving email security today, but work is needed to alert users to "phishing" attacks.

CONIKS: A Privacy-Preserving Consistent Key Service for Secure End-to-End Communication

This work presents CONIKS, a system that provides automated key management for end users capable of seamless integration into existing secure messaging applications and preserves user’s privacy by ensuring that adversaries cannot harvest large numbers of usernames from the directories.

A user study of off-the-record messaging

A user study of the OTR plugin for the Pidgin instant messaging client using the think aloud method finds a variety of usability flaws remaining in the design of OTR and discusses how these errors can be repaired, as well as identifies an area that requires further research to improve its usability.

Security Analysis of Accountable Anonymity in Dissent

The improved and hardened dissent protocol systematically addresses the delicate balance between provably hiding the identities of well-behaved users, while provably revealing the identity of disruptive users, a challenging task because many forms of misbehavior are inherently undetectable.

Multi-party off-the-record messaging

This paper identifies the properties of multi-party private meetings, the differences not only between the physical and electronic medium but also between two- and multi- party scenarios, which have important implications for the design of private chatrooms.

Proactively Accountable Anonymous Messaging in Verdict

Verdict is presented, the first practical anonymous group communication system built using proactively verifiable DC-nets: participants use public-key cryptography to construct DC-net ciphertexts, and use zero-knowledge proofs of knowledge to detect and exclude misbehavior before disruption.