Overview
Syllabus
Intro
E2E Encrypted Communication Today
Unsolved: How do users establish trust?
Out-of-Band Trust Est. = Unintuitive
Trust Est. by the Provider - Better?
Malicious Provider can Equivocate
Pros/Cons of Existing Trust Establishment
Ideal Trust Establishment Properties
Existing Approach: Verifying Correctness
Our Approach: Verifying Consistency
Solution: CONIKS
CONIKS - Registering a Key
CONIKS - Learning a User's Key
Strawman Consistency Checks: Verify All Bindings
CONIKS: Efficient Checks thru "Summaries"
CONIKS - Main Security Properties
1. Expected Bindings incl. in STR - Auth Paths
1. Checking Inclusion - Verify Auth Path
2. Non-Equivocation - STR History
2. Non-Equivocation - Clients see same STRs
2. Checking Non-Equivocation - Cross-Verification
Privacy Challenges in CONIKS
Main Performance Questions
CONIKS' Performance is Practical!
Conclusion
Taught by
USENIX