|Keywords||Group messaging, out-of-band authentication,|
end-to-end encryption, man-in-the-middle attacks
|Current development stage||TRL4 Technology validated in lab|
While actively communicating at multiple messaging platforms, users are unable to authenticate their incoming messages given the ad-hoc nature of such interaction. Messaging platforms rely on “out-of-band” authentication for identifying man-in-the-middle attacks while securing end-to-end channels. Users are asked to compare with each other a value that is displayed by their devices. This value is derived, for example, from the cryptographic keys of the users, or more generally from the transcript of any key-exchange protocol that the users execute for setting up a secure end-to-end channel.
In the user-to-user setting, where two users would like to establish a secure end-to-end channel, practical and secure out-of-band authentication protocols are deployed by the existing platforms, supported by an in-depth theoretical understanding of their security. For example, WhatsApp users are asked to compare 240 bits, and Telegram users are asked to compare 288 bits.
In group chat setting, current protocols, each user independently execute a user-to-user out-of-band authentication protocol with the rest group members. The protocols are inefficient and complicated. For example, 32 WhatsAppTelegram users will execute 31 user-to-user protocols, and thus, use their own voice, to compare 7,4408,928 bits…
Practical and optimized out-of-band authentication in the group setting: A new protocol, based on fast symmetric cryptographic primitives, that provably provides the best-possible tradeoff between the number of users and the level security on one hand, and the numbers of bits that the users are asked to compare on the other hand. The practicality and security of the protocol are based on a complete theoretical characterization of out-of-band authentication in the group setting.
Using the new protocol, 32 users will have to compare only 85 bits overall, as opposed to 7,4408,928 bits using the existing protocols. Consequently, 1024 users will have to compare only 90 bits overall, as opposed to 245,520294,624 bits using the existing protocols. The protocol relies on a realistic and practical level of cooperation from the side of the users (who are asked compare only a small number of bits or characters), and thus finally realizes the premise of out-of-band authentication in the group setting.
All messaging platforms, and more generally all communication platforms, offering end-to-end encryption.
Granted US 11,095,452