2022
DOI: 10.1007/978-3-031-15802-5_27
|View full text |Cite
|
Sign up to set email alerts
|

A More Complete Analysis of the Signal Double Ratchet Algorithm

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
6
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
5
3

Relationship

0
8

Authors

Journals

citations
Cited by 17 publications
(6 citation statements)
references
References 42 publications
0
6
0
Order By: Relevance
“…Key confirmation [24] allows one party to ascertain that the second (possibly unidentified) party indeed possesses a specific secret key (or all keying material necessary for its computation). Backward secrecy [25] ensures that compromising long-term keys does not compromise keys from past sessions. Key agreement [26] employs dynamic key management to derive new session keys.…”
Section: Protocol Security Propertiesmentioning
confidence: 99%
“…Key confirmation [24] allows one party to ascertain that the second (possibly unidentified) party indeed possesses a specific secret key (or all keying material necessary for its computation). Backward secrecy [25] ensures that compromising long-term keys does not compromise keys from past sessions. Key agreement [26] employs dynamic key management to derive new session keys.…”
Section: Protocol Security Propertiesmentioning
confidence: 99%
“…Output 𝑐 𝐴𝐵 , 𝑧 𝐴𝐵 , 𝑐 𝐽 , 𝑧 𝐽 , 𝐸 𝐴 , 𝑅 𝐴 , 𝑅 𝐵 , 𝑘 rel , NOTRY-Kex-Sim transcript, Enc (𝑘 rel , (𝑐 𝐴 , 𝑧 𝐴 , 𝑠 𝐴 )) , Enc (𝑘 rel , (𝑐 𝐵 , 𝑧 𝐵 )). secrecy of ratcheted key generation mechanisms is studied extensively by Alwen et al [1] and Bienstock et al [10]. (4) Post-specified peer [21]: Instead of specifying the identity of the intended peer when initiating NOTRY-Kex, parties learn the identity of their peers during protocol execution.…”
Section: Notry Security Goalsmentioning
confidence: 99%
“…We, therefore, compare it against Signal, which represents the best-in-class for secure messaging with deniability. Additional overhead is paid for a UC-secure Signal [10]. Therefore, we implement NOTRY without a straight-line compiler for a fair comparison.…”
Section: Real World Evaluationmentioning
confidence: 99%
“…Moreover, it is weak robust when C is generated by the Ecn algorithm. 6 This essentially employs a generic construction of anonymous broadcast encryption proposed by Libert et al [33].…”
Section: Proposed Sgm Protocol Providing Membership Privacymentioning
confidence: 99%
“…The Signal protocol consists of two subprotocols, X3DH (Extended Triple Diffie-Hellman) and double ratcheting, and Hashimoto et al [3] and Alwen et al [4] proposed a generic construction, respectively. Analyzing the Signal protocol is still an ongoing research area, e.g., [5,6]. In addition to two-party messaging, secure group messaging (SGM) protocols also have been proposed [7][8][9][10][11][12][13][14].…”
Section: Introduction 1backgroundmentioning
confidence: 99%