ProvSec 2015: Provable Security pp 183-197 | Cite as
Efficient Key Authentication Service for Secure End-to-End Communications
Abstract
After four decades of public key cryptography, both the industry and academia seek better solutions for the public key infrastructure. A recent proposal, the certificate transparency concept, tries to enable untrusted servers act as public key servers, such that any key owner can verify that her key is kept properly at those servers. Unfortunately, due to high computation and communication requirements, existing certificate transparency proposals fail to address the problem as a whole.
We propose a new efficient key authentication service (KAS). It uses server-side gossiping as the source of trust, and assumes servers are not all colluding. KAS stores all keys of each user in a separate hash chain, and always shares the last ring of the chain among the servers, ensuring the users that all servers provide the same view about them (i.e., no equivocation takes place). Storing users’ keys separately reduces the server and client computation and communication dramatically, making our KAS a very efficient way of public key authentication. The KAS handles a key registration/change operation in O(1) time using only O(1) proof size; independent of the number of users. While the previous best proposal, CONIKS, requires the client to download 100 KB of proof per day, our proposal needs less than 1 KB of proof per key lifetime, while obtaining the same probabilistic guarantees as CONIKS.
Keywords
Certificate transparency End-to-end encryptionNotes
Acknowledgement
We would like to acknowledge the support of TÜBİTAK, the Scientific and Technological Research Council of Turkey, under project number 114E487.
References
- 1.Barenghi, A., Beretta, M., Federico, A.D., Pelosi, G.: Snake: An end-to-end encrypted online social network. In: HPCC, pp. 763–770. IEEE (2014)Google Scholar
- 2.Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetCrossRefMATHGoogle Scholar
- 3.Etemad, M., Küpçü, A.: Efficient for secure end-to-end communications. Cryptology ePrint Archive, Report 2015/833 (2015)Google Scholar
- 4.Gallagher, P., Kerry, C.: Digital signature standard (dss). NIST, 2013. FIPS PUB 186–4Google Scholar
- 5.Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM 17(2), 281–308 (1988)MathSciNetCrossRefMATHGoogle Scholar
- 6.Laurie, B., Kasper, E.: Revocation transparency. Google Research (2012). http://www.links.org/ files/RevocationTransparency.pdf. Accessed on 20 April 2015
- 7.Laurie, B., Langley, A., Kasper, E.: Rfc 6962: Certificate transparency (2013)Google Scholar
- 8.Melara, M.S., Blankstein, A., Bonneau, J., Freedman, M.J., Felten, E.W.: Coniks: A privacy-preserving consistent key service for secure end-to-end communication (2014)Google Scholar
- 9.Naor, M., Nissim, K.: Certificate revocation and certificate update. IEEE J. Sel. Areas Commun. 18(4), 561–570 (2000)CrossRefGoogle Scholar
- 10.Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefMATHGoogle Scholar
- 11.Ryan, M.D.: Enhanced certificate transparency and end-to-end encrypted mail. The Internet Society, Proceedings of NDSS (2014)Google Scholar
- 12.Weber, S.G.: Enabling end-to-end secure communication with anonymous and mobile receivers - an attribute-based messaging approach. Cryptology ePrint Archive, Report 2013/478 (2013)Google Scholar
- 13.Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: improving ssh-style host authentication with multi-path probing. In: USENIX, pp. 321–334 (2008)Google Scholar