Repository logo
 

Ghost trace on the wire? Using key evidence for informed decisions

Accepted version
Peer-reviewed

Type

Conference Object

Change log

Authors

Vasile, DA 
Thomas, DR 
Beresford, AR 

Abstract

Modern smartphone messaging apps now use end-to-end encryption to provide authenticity, integrity and confidentiality. Consequently, the preferred strategy for wiretapping such apps is to insert a ghost user by compromising the platform's public key infrastructure. The use of warning messages alone is not a good defence against a ghost user attack since users change smartphones, and therefore keys, regularly, leading to a multitude of warning messages which are overwhelmingly false positives. Consequently, these false positives discourage users from viewing warning messages as evidence of a ghost user attack. To address this problem, we propose collecting evidence from a variety of sources, including direct communication between smartphones over local networks and CONIKS, to reduce the number of false positives and increase confidence in key validity. When there is enough confidence to suggest a ghost user attack has taken place, we can then supply the user with evidence to help them make a more informed decision.

Description

Keywords

46 Information and Computing Sciences, 4604 Cybersecurity and Privacy, Clinical Research

Journal Title

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Conference Name

Twenty-seventh International Workshop on Security Protocols

Journal ISSN

0302-9743
1611-3349

Volume Title

12287 LNCS

Publisher

Springer International Publishing

Rights

All rights reserved
Sponsorship
EPSRC (1453426)
Engineering and Physical Sciences Research Council (EP/M020320/1)
Engineering and Physical Sciences Research Council (EP/M508007/1)