One Protocol to Rule Them All? On Securing Interoperable Messaging

• URL: http://arxiv.org/abs/2303.14178v3
• Date: Sat, 9 Dec 2023 18:14:06 GMT
• Title: One Protocol to Rule Them All? On Securing Interoperable Messaging
• Authors: Jenny Blessing and Ross Anderson
• Abstract summary: European lawmakers have ruled that users should be able to exchange messages with each other. messaging interoperability opens up a Pandora's box of security and privacy challenges.
• Score: 3.2213245974344673
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: European lawmakers have ruled that users on different platforms should be able to exchange messages with each other. Yet messaging interoperability opens up a Pandora's box of security and privacy challenges. While championed not just as an anti-trust measure but as a means of providing a better experience for the end user, interoperability runs the risk of making the user experience worse if poorly executed. There are two fundamental questions: how to enable the actual message exchange, and how to handle the numerous residual challenges arising from encrypted messages passing from one service provider to another -- including but certainly not limited to content moderation, user authentication, key management, and metadata sharing between providers. In this work, we identify specific open questions and challenges around interoperable communication in end-to-end encrypted messaging, and present high-level suggestions for tackling these challenges.

Related papers

• Collaborative Inference over Wireless Channels with Feature Differential Privacy [57.68286389879283]
  Collaborative inference among multiple wireless edge devices has the potential to significantly enhance Artificial Intelligence (AI) applications. transmitting extracted features poses a significant privacy risk, as sensitive personal data can be exposed during the process. We propose a novel privacy-preserving collaborative inference mechanism, wherein each edge device in the network secures the privacy of extracted features before transmitting them to a central server for inference.
  arXiv  Detail & Related papers  (2024-10-25T18:11:02Z)
• Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks [82.3753728955968]
  We introduce a novel Mixture-of-Experts (MoE)-based SemCom system. This system comprises a gating network and multiple experts, each specializing in different security challenges. The gating network adaptively selects suitable experts to counter heterogeneous attacks based on user-defined security requirements. A case study in vehicular networks demonstrates the efficacy of the MoE-based SemCom system.
  arXiv  Detail & Related papers  (2024-09-24T03:17:51Z)
• TIPS: Threat Sharing Information Platform for Enhanced Security [0.5384718724090648]
  This paper presents an abstraction of a trusted information-sharing process which integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel.
  arXiv  Detail & Related papers  (2024-03-08T10:50:49Z)
• Pudding: Private User Discovery in Anonymity Networks [9.474649136535705]
  Pudding is a novel private user discovery protocol. It hides contact relationships between users, prevents impersonation, and conceals which usernames are registered on the network. Pudding can be deployed on Loopix and Nym without changes to the underlying anonymity network protocol.
  arXiv  Detail & Related papers  (2023-11-17T19:06:08Z)
• InfoGuard: A Design and Usability Study of User-Controlled Application-Independent Encryption for Privacy-Conscious Users [1.2499537119440245]
  Billions of secure messaging users have adopted end-to-end encryption (E2EE) Most communication applications do not provide E2EE, and application silos prevent interoperability. We propose InfoGuard, a system enabling E2EE for user-to-user communication in any application.
  arXiv  Detail & Related papers  (2023-11-01T19:54:01Z)
• Multi-User MultiWOZ: Task-Oriented Dialogues among Multiple Users [51.34484827552774]
  We release the Multi-User MultiWOZ dataset: task-oriented dialogues among two users and one agent. These dialogues reflect interesting dynamics of collaborative decision-making in task-oriented scenarios. We propose a novel task of multi-user contextual query rewriting: to rewrite a task-oriented chat between two users as a concise task-oriented query.
  arXiv  Detail & Related papers  (2023-10-31T14:12:07Z)
• "Make Them Change it Every Week!": A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication [21.58767421554059]
  We aim to understand the accessibility and quality of online advice and provide insights into how online advice might contribute to (in)secure and (un)usable authentication. Based on a survey with 18 professional web developers, we obtained 406 documents and qualitatively analyzed 272 contained pieces of advice in depth. The most common advice is for password-based authentication, but little for more modern alternatives.
  arXiv  Detail & Related papers  (2023-09-01T21:41:23Z)
• SoK: Content Moderation for End-to-End Encryption [2.66512000865131]
  Messaging applications now enable end-to-end-encryption (E2EE) by default, and E2EE data storage is becoming common. These important advances for security and privacy create new content moderation challenges for online services. We bridge literature that is diverse in both content moderation subject matter, such as malware, spam, hate speech, terrorist content, and enterprise policy compliance.
  arXiv  Detail & Related papers  (2023-03-07T15:26:41Z)
• Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems [51.6210785955659]
  Communication is important in many multi-agent reinforcement learning (MARL) problems for agents to share information and make good decisions. However, when deploying trained communicative agents in a real-world application where noise and potential attackers exist, the safety of communication-based policies becomes a severe issue that is underexplored. In this work, we consider an environment with $N$ agents, where the attacker may arbitrarily change the communication from any $CfracN-12$ agents to a victim agent.
  arXiv  Detail & Related papers  (2022-06-21T07:32:18Z)
• MISC: A MIxed Strategy-Aware Model Integrating COMET for Emotional Support Conversation [64.37111498077866]
  We propose a novel model for emotional support conversation. It infers the user's fine-grained emotional status, and then responds skillfully using a mixture of strategy. Experimental results on the benchmark dataset demonstrate the effectiveness of our method.
  arXiv  Detail & Related papers  (2022-03-25T10:32:04Z)
• Differentially Private Multi-Agent Planning for Logistic-like Problems [70.3758644421664]
  This paper proposes a novel strong privacy-preserving planning approach for logistic-like problems. Two challenges are addressed: 1) simultaneously achieving strong privacy, completeness and efficiency, and 2) addressing communication constraints. To the best of our knowledge, this paper is the first to apply differential privacy to the field of multi-agent planning.
  arXiv  Detail & Related papers  (2020-08-16T03:43:09Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.