Related papers: Defending Against Attack on the Cloned: In-Band Active Man-in-the-Middle Detection for the Signal Protocol

Defending Against Attack on the Cloned: In-Band Active Man-in-the-Middle Detection for the Signal Protocol

URL: http://arxiv.org/abs/2410.16098v1
Date: Mon, 21 Oct 2024 15:23:58 GMT
Title: Defending Against Attack on the Cloned: In-Band Active Man-in-the-Middle Detection for the Signal Protocol
Authors: Wil Liam Teng, Kasper Rasmussen,
Abstract summary: We present a solution to active Man-in-the-Middle (MitM) attacks on Signal. Our solution automates the process of key confirmation without relying on the intervention of users. We document the new security guarantees while preserving the existing security guarantees of Signal.
Score: 1.6114012813668932
License:
Abstract: With Signal's position as one of the most popular secure messaging protocols in use today, the threat of government coercion and mass surveillance, i.e., active Man-in-the-Middle (MitM) attacks, are more relevant than ever. On the other hand, studies [29, 33, 37, 38] have shown that user awareness is very poor when it comes to authenticating keys in instant messaging applications, e.g., comparing key fingerprints out-of-band. The ideal solution to this problem should not require the active participation of the users. Our solution to active MitM attacks builds directly on Signal. We automate the process of key confirmation without relying on the intervention of users, and without using an out-of-band communication channel, at the cost of slightly altered trust assumptions on the server. We consider a powerful active MitM that not only controls the communication channel, but also has (one time) access to all secrets on one of the clients, i.e., can perform a key compromise attack. Our solution utilises the server to keep track of the changes in the clients key fingerprint as ratcheting is performed. Given that the server can keep a message log already, we find that any impact on deniability is minimal in practice. We present our detailed modifications to Signal, and document the new security guarantees while preserving the existing security guarantees of Signal. Our proof-of-concept implementation, which is based on the open-source Signal library used in real-world instant messaging applications, shows that our solution is practical and integrates well with the library. Our experimental results further show that our solution only has a tiny performance overhead when compared to Signal.

Related papers

Securing UAV Communication: Authentication and Integrity [0.0]
We propose an authentication method to secure UAV data exchange over an insecure communication channel. Our solution combines Diffie-Hellman key exchange and Hash-based Message Authentication Code (HMAC) within ROS communication channels. Both drones successfully detected tampered keys, affirming our method's efficacy in protecting UAV communication.
arXiv Detail & Related papers (2024-10-06T22:36:06Z)
A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
Establishing Dynamic Secure Sessions for ECQV Implicit Certificates in Embedded Systems [0.0]
We present a design that utilizes the Station to Station (STS) protocol with implicit certificates. We show that with a slight computational increase of 20% compared to a static ECDSA key derivation, we are able to mitigate many session-related security vulnerabilities.
arXiv Detail & Related papers (2023-11-19T22:40:21Z)
Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security. This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z)
Metadata Privacy Beyond Tunneling for Instant Messaging [0.0]
We show that deniable traffic achieves metadata privacy against strong adversaries. We show that existing state-of-the-art protocols can be extended to support metadata privacy. We implement and evaluate a proof-of-concept instant messaging system running DenIM on top of unmodified Signal.
arXiv Detail & Related papers (2022-10-23T16:32:35Z)
Certifiably Robust Policy Learning against Adversarial Communication in Multi-agent Systems [51.6210785955659]
Communication is important in many multi-agent reinforcement learning (MARL) problems for agents to share information and make good decisions. However, when deploying trained communicative agents in a real-world application where noise and potential attackers exist, the safety of communication-based policies becomes a severe issue that is underexplored. In this work, we consider an environment with $N$ agents, where the attacker may arbitrarily change the communication from any $CfracN-12$ agents to a victim agent.
arXiv Detail & Related papers (2022-06-21T07:32:18Z)
Locally Authenticated Privacy-preserving Voice Input [10.82818142802482]
Service providers must authenticate their users, although individuals may wish to maintain privacy. Preserving privacy while performing authentication is challenging, particularly where adversaries can use biometric data to train transformation tools. We introduce a secure, flexible privacy-preserving system to capture and store an on-device fingerprint of the users' raw signals.
arXiv Detail & Related papers (2022-05-27T14:56:01Z)
Spotting adversarial samples for speaker verification by neural vocoders [102.1486475058963]
We adopt neural vocoders to spot adversarial samples for automatic speaker verification (ASV) We find that the difference between the ASV scores for the original and re-synthesize audio is a good indicator for discrimination between genuine and adversarial samples. Our codes will be made open-source for future works to do comparison.
arXiv Detail & Related papers (2021-07-01T08:58:16Z)
Adversarial Attacks On Multi-Agent Communication [80.4392160849506]
Modern autonomous systems will soon be deployed at scale, opening up the possibility for cooperative multi-agent systems. Such advantages rely heavily on communication channels which have been shown to be vulnerable to security breaches. In this paper, we explore such adversarial attacks in a novel multi-agent setting where agents communicate by sharing learned intermediate representations.
arXiv Detail & Related papers (2021-01-17T00:35:26Z)
Backdoor Attack against Speaker Verification [86.43395230456339]
We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data. We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
arXiv Detail & Related papers (2020-10-22T11:10:08Z)
Towards Quantum-Secure Authentication and Key Agreement via Abstract Multi-Agent Interaction [7.673465837624366]
Current methods for authentication and key agreement based on public-key cryptography are vulnerable to quantum computing. We propose a novel approach based on artificial intelligence research in which communicating parties are viewed as autonomous agents. We release PyAMI, a prototype authentication and key agreement system based on the proposed method.
arXiv Detail & Related papers (2020-07-18T04:22:02Z)

This list is automatically generated from the titles and abstracts of the papers in this site.