Paper 2023/228
Authenticated Continuous Key Agreement: Active MitM Detection and Prevention
Abstract
Current messaging protocols are incapable of detecting active man-in-the-middle threats. Even common continuous key agreement protocols such as Signal, which offers forward secrecy and post-compromise security, are dependent on the adversary being passive immediately following state compromise, and healing guarantees are lost if the attacker is not. This work offers the first solution for detecting active man-in-the-middle attacks on such protocols by extending authentication beyond the initial public keys and binding it to the entire continuous key agreement. In this way, any adversarial fork is identifiable to the protocol participants. We provide a modular construction generic for application with any continuous key agreement protocol, a specific construction for application to Signal, and security analysis. The modularity of our solution enables it to be seamlessly adopted by any continuous key agreement protocol.
Metadata
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- Authentication, Continuous Key Agreement (CKA), Signal
- Contact author(s)
- britta hale @ nps edu
- History
- 2023-02-21: approved
- 2023-02-20: received
- Short URL
- https://ia.cr/2023/228
- License
- CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2023/228,
  author = {Benjamin Dowling and Britta Hale},
  title = {Authenticated Continuous Key Agreement: Active {MitM} Detection and Prevention},
  howpublished = {Cryptology {ePrint} Archive, Paper 2023/228},
  year = {2023},
  url = {https://eprint.iacr.org/2023/228}
}