2018 01 10
play

2018-01-10 Horst Grtz Institute for IT Security Chair for Network - PowerPoint PPT Presentation

Oct 14, 2022 •383 likes •891 views

On the End-to-End Security of Group Chats Real World Crypto 2018 2018-01-10 Horst Grtz Institute for IT Security Chair for Network and Data Security Paul Rsler , Christian Mainka, Jrg Schwenk On the End-to-End Security of Group Chats

  1. On the End-to-End Security of Group Chats Real World Crypto 2018 2018-01-10 Horst Görtz Institute for IT Security Chair for Network and Data Security Paul Rösler , Christian Mainka, Jörg Schwenk

  2. On the End-to-End Security of Group Chats Real World Crypto 2018 2018-01-10 Horst Görtz Institute for IT Security Chair for Network and Data Security Paul Rösler , Christian Mainka, Jörg Schwenk Or: Why what is doing is

  3. On the End-to-End Security of Group Chats Real World Crypto 2018 2018-01-10 Horst Görtz Institute for IT Security Chair for Network and Data Security Paul Rösler , Christian Mainka, Jörg Schwenk Or: Why what is doing is (in )

  4. Secure Group Instant Messaging: End-to-End • Dynamic group of users On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 4

  5. Secure Group Instant Messaging: End-to-End • Dynamic group of users • One central server On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 5

  6. Secure Group Instant Messaging: End-to-End • Dynamic group of users • One central server • End-to-end protection within protected transport layer • Server potentially malicious On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 6

  7. Agenda Chair for Network and Data Security Prof. Dr. Jörg Schwenk ▪ Security Model ▪ Protocol Overview and Weaknesses ▪ Signal ▪ WhatsApp ▪ (Threema) ▪ Problems and Solutions ▪ Traceable Delivery ▪ Closeness On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018

  8. Secure Group Instant Security Model Messaging: Two Parties Protocols & Weaknesses Problems & Solutions Confidentiality Integrity Two • • Message Confidentiality Message Authentication Groups Parties On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 8

  9. Secure Group Instant Security Model Messaging: Two Parties Protocols & Weaknesses Problems & Solutions Confidentiality Integrity • • Message Confidentiality Message Authentication • Two No Duplication Groups Parties • Traceable Delivery “Only successful delivery is acknowledged” Hey! Hi! On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 9

  10. Secure Group Instant Security Model Messaging: Groups Protocols & Weaknesses Problems & Solutions Confidentiality Integrity • • Message Confidentiality Message Authentication • Two No Duplication Parties Groups • Traceable Delivery • • Closeness No Creation “Only group (admin) decides on “Only successful delivery is membership” acknowledged” Hey! Hi! On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 10

  11. Security Model: Malicious Security Model Server Protocols & Weaknesses Problems & Solutions • Malicious Server • Can decrypt transport layer protection • E.g. IM provider, TLS certificate forger on network, ... On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 11

  12. Security Model: Malicious Security Model Server Protocols & Weaknesses Problems & Solutions • Malicious Server • Can decrypt transport layer protection • E.g. IM provider, TLS certificate forger on network, ... Traceable Closeness Delivery ? On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 12

  13. Security Model: Security Model Compromising Attacker Protocols & Weaknesses Problems & Solutions • Compromising Attacker • Access to members’ secrets • E.g. access to device, cryptanalysis, … Traceable Closeness Delivery ? On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 13

  14. Security Model: Security Model Compromising Attacker Protocols & Weaknesses Problems & Solutions • Compromising Attacker • Access to members’ secrets • E.g. access to device, cryptanalysis, … • Advanced Goals: • Forward Secrecy Secure Traceable Closeness • Future Secrecy Delivery (aka Post Compromise Security aka Backward Secrecy) ? Secure On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 14

  15. Security Model: Security Model Compromising Attacker Protocols & Weaknesses Problems & Solutions • Compromising Attacker • Access to members’ secrets • E.g. access to device, cryptanalysis, … • Advanced Goals: • Forward Secrecy Secure Traceable Closeness • Future Secrecy Delivery (aka Post Compromise Security aka Backward Secrecy) (Fut. Sec.) Secure On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 15

  16. Protocol Overview: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 16

  17. Protocol Overview: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 17

  18. Protocol Overview: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 18

  19. Protocol Overview: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 19

  20. Protocol Overview: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 20

  21. Weaknesses: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 21

  22. Weaknesses: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 22

  23. Weaknesses: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 23

  24. Weaknesses: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership • Traceable delivery by ack forgery * On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 24

  25. Weaknesses: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership • Traceable delivery by ack forgery * On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 25

  26. Weaknesses: Signal Security Model Protocols & Weaknesses Problems & Solutions • Ciphertexts (ID static) • Acks (plain) • Group update as message • Forward and future secure key streams of direct communication • Group ID as proof of membership • Traceable delivery by ack forgery * On the End-to-End Security of Group Chats Real World Crypto 2018 | Paul Rösler | Zürich | 05.01.2018 26

Recommend

4/5/2018 1 4/5/2018 2 4/5/2018 3 4/5/2018 4 4/5/2018 5 4/5/2018 6 4/5/2018 7 4/5/2018

4/5/2018 1 4/5/2018 2 4/5/2018 3 4/5/2018 4 4/5/2018 5 4/5/2018 6 4/5/2018 7 4/5/2018

4/5/2018 1 4/5/2018 2 4/5/2018 3 4/5/2018 4 4/5/2018 5 4/5/2018 6 4/5/2018 7 4/5/2018 8 4/5/2018 Sesame Workshop Launches Groundbreaking Initiative to Help Children Cope with Traumatic Experiences http://www.sesameworkshop.or

496 views • 12 slides
3/26/2018 1 3/26/2018 2 3/26/2018 3 3/26/2018 4 3/26/2018 5 3/26/2018 6 3/26/2018 7

3/26/2018 1 3/26/2018 2 3/26/2018 3 3/26/2018 4 3/26/2018 5 3/26/2018 6 3/26/2018 7

3/26/2018 1 3/26/2018 2 3/26/2018 3 3/26/2018 4 3/26/2018 5 3/26/2018 6 3/26/2018 7 3/26/2018 8 3/26/2018 9 3/26/2018 $150 Million - $250 Million Economic Impact 1,500+ Jobs Created 10 3/26/2018 25-50 New Local Area Startups

507 views • 16 slides
June 2018 July 2018 July 2018 July 2018 July 2018 August 2018 August 2018 September 2018

June 2018 July 2018 July 2018 July 2018 July 2018 August 2018 August 2018 September 2018

June 2018 July 2018 July 2018 July 2018 July 2018 August 2018 August 2018 September 2018 Electr ectric V c Vehicle C Chargi ging g Stati tations We currently have 4 duel ChargePoint CT4000 charging stations with ports to charge 8

809 views • 15 slides
Q2 2018 results August 8, 2018 Q2 2018 Highlights Q2 2018 Results Q2 2018 Highlights Solid

Q2 2018 results August 8, 2018 Q2 2018 Highlights Q2 2018 Results Q2 2018 Highlights Solid

Q2 2018 results August 8, 2018 Q2 2018 Highlights Q2 2018 Results Q2 2018 Highlights Solid Q2 18 financial results, with organic growth in net revenues spanning across all reportable segments and strong trailing twelve- 3 month free

729 views • 21 slides
Bulbs as Companion Plants Jill Selinger February 1, 2018 1 2/8/2018 2 2/8/2018 Anemone

Bulbs as Companion Plants Jill Selinger February 1, 2018 1 2/8/2018 2 2/8/2018 Anemone

2/8/2018 Bulbs as Companion Plants Jill Selinger February 1, 2018 1 2/8/2018 2 2/8/2018 Anemone blanda Wind Flower 3 2/8/2018 Crocus tommasinianus Tommy Crocus 4 2/8/2018 Muscari Grape Hyacinth 5 2/8/2018 6 2/8/2018 Scilla

750 views • 26 slides
4/14/2018 1 4/14/2018 2 4/14/2018 General % Neuropsych %

4/14/2018 1 4/14/2018 2 4/14/2018 General % Neuropsych %

4/14/2018 1 4/14/2018 2 4/14/2018 General % Neuropsych % Obesity 90 Lability,euphoria,insomnia, Hypertension 85 depression,psychosis 85 Skin Gonadal

795 views • 50 slides
Net-FM v 4.1.0: an Introduction ICC 2018 ICC 2018 Net-FM v 4.1.0: an Introduction presented by

Net-FM v 4.1.0: an Introduction ICC 2018 ICC 2018 Net-FM v 4.1.0: an Introduction presented by

Net-FM v 4.1.0: an Introduction ICC 2018 ICC 2018 Net-FM v 4.1.0: an Introduction presented by Anthony J. Bunker QA & Implementation Manager November 8, 2018 Slide 1 Our objectives ICC 2018 ICC 2018 Highlight the key features and

143 views • 13 slides
2018 Webinar Series Webinar 2 April 3, 2018 2018 Sponsors 1 4/3/2018 Mark Your Calendar!

2018 Webinar Series Webinar 2 April 3, 2018 2018 Sponsors 1 4/3/2018 Mark Your Calendar!

4/3/2018 2018 Webinar Series Webinar 2 April 3, 2018 2018 Sponsors 1 4/3/2018 Mark Your Calendar! Tuesday May 1 7:00 p.m. (Central) Dr. Dan Thomson Feedyard Animal Health AHA Chief Operating Officer and Director of Breed

620 views • 17 slides
Q3-2018 Thailand Sustainability CG SCORE 2018 Investment 2018 (THSI) 2018 BBB+ (tha)

Q3-2018 Thailand Sustainability CG SCORE 2018 Investment 2018 (THSI) 2018 BBB+ (tha)

COMPANY PROFILE Q3-2018 Thailand Sustainability CG SCORE 2018 Investment 2018 (THSI) 2018 BBB+ (tha) AGENDA COMPANY OVERVIEW 3Q18 HIGHLIGHTS PROJECTS UPDATE FINANCIAL PERFORMANCE 2 OUR SERVICES: * % = Revenue Contribution 60.3%

730 views • 42 slides
Woking High School and Tag Rugby Trust Tour to Zambia July 2018 1 29/01/2018 1 29/01/2018 1

Woking High School and Tag Rugby Trust Tour to Zambia July 2018 1 29/01/2018 1 29/01/2018 1

Woking High School and Tag Rugby Trust Tour to Zambia July 2018 1 29/01/2018 1 29/01/2018 1 29/01/2018 1 Mrs Abbott 2 29/01/2018 2 29/01/2018 2 29/01/2018 2 Current situation of visit Flights booked 28 th December confirmed 5

693 views • 24 slides
What is LiDAR? 15 07/12/2018 16 16 07/12/2018 17 17 07/12/2018 First return data from the

What is LiDAR? 15 07/12/2018 16 16 07/12/2018 17 17 07/12/2018 First return data from the

What is LiDAR? 15 07/12/2018 16 16 07/12/2018 17 17 07/12/2018 First return data from the LiDAR (from the canopy) 18 07/12/2018 LiDAR data (25cm) following initial processing (vegetation removal) Historic England (2018) Using

319 views • 30 slides
SUPERINTENDENTS RECOMMENDATIONS October 23, 2018 #112LEADS 2016-2018 2018 Unofficial Data -

SUPERINTENDENTS RECOMMENDATIONS October 23, 2018 #112LEADS 2016-2018 2018 Unofficial Data -

Long-Range Planning SUPERINTENDENTS RECOMMENDATIONS October 23, 2018 #112LEADS 2016-2018 2018 Unofficial Data - 2018 data to be shared by state of IL 10/30/2018 www.illinoisreportcard.com 2018 54% of 3rd-8th grade students meet/exceed

555 views • 33 slides
2018 Triennial Review Public Listening Sessions May 15, 2018: London, KY May 17, 2018:

2018 Triennial Review Public Listening Sessions May 15, 2018: London, KY May 17, 2018:

2018 Triennial Review Public Listening Sessions May 15, 2018: London, KY May 17, 2018: Frankfort, KY May 24, 2018: Bowling Green, KY June 5, 2018: Calvert City, KY Andrea Fredenburg Water Quality Branch Kentucky Division of Water To Protect

455 views • 20 slides
2018 HA 2018 HALF Y YEAR R RESULT LTS 26 JULY 2018 H1 2018 Another period of delivery

2018 HA 2018 HALF Y YEAR R RESULT LTS 26 JULY 2018 H1 2018 Another period of delivery

2018 HA 2018 HALF Y YEAR R RESULT LTS 26 JULY 2018 H1 2018 Another period of delivery Strong financial results and capital structure Disciplined capital allocation improving portfolio scale and quality, reducing risk Operational

691 views • 51 slides
Data Supplied For: 2018-19 Board 2018-19 Approved 2018-19 2018-19 Original Operating

Data Supplied For: 2018-19 Board 2018-19 Approved 2018-19 2018-19 Original Operating

Second Interim Etiwanda Elementary TABLE OF CONTENTS 36 67702 0000000 San Bernardino County Form TCI G = General Ledger Data; S = Supplemental Data Data Supplied For: 2018-19 Board 2018-19 Approved 2018-19 2018-19 Original Operating

1.84k views • 145 slides
2018 2018 Bu Budget t Report ort Western PA Annual Conference 6/9/2017 1 The he 2018 2018

2018 2018 Bu Budget t Report ort Western PA Annual Conference 6/9/2017 1 The he 2018 2018

2018 2018 Bu Budget t Report ort Western PA Annual Conference 6/9/2017 1 The he 2018 2018 Bud udget 1. The proposed budget before you has been prepared to provide a reasonable level of funding for all areas. 2. The plan is to maintain

412 views • 13 slides
VIRTUAL L PR PROGRAMMATI TIC DA DAY H1 2018 H1 2018 19 April 2018 #I #IAB ABEUVPD

VIRTUAL L PR PROGRAMMATI TIC DA DAY H1 2018 H1 2018 19 April 2018 #I #IAB ABEUVPD

VIRTUAL L PR PROGRAMMATI TIC DA DAY H1 2018 H1 2018 19 April 2018 #I #IAB ABEUVPD WELCOME Simon Halstead Chair, IAB Europe Programmatic Trading Committee and Head of Open Demand International, Oath To Todays agenda 10.40-10.50

486 views • 21 slides
9M-2018 RESULTS PRESENTATION TO FINANCIAL ANALYSTS OCTOBER 24 TH , 2018 9M-2018 Results: Net

9M-2018 RESULTS PRESENTATION TO FINANCIAL ANALYSTS OCTOBER 24 TH , 2018 9M-2018 Results: Net

9M-2018 RESULTS PRESENTATION TO FINANCIAL ANALYSTS OCTOBER 24 TH , 2018 9M-2018 Results: Net income at 98.2m; RoATE stands at 8.2% 1 2 3 4 9M-2018 9M-2018 KEY TAKE AWAYS APPENDICES HIGHLIGHTS RESULTS & OUTLOOK 2 9M-2018

602 views • 27 slides
2Q 2018 Financial Results (1 Apr 2018 to 30 Jun 2018) 6 August 2018 Important Notice This

2Q 2018 Financial Results (1 Apr 2018 to 30 Jun 2018) 6 August 2018 Important Notice This

2Q 2018 Financial Results (1 Apr 2018 to 30 Jun 2018) 6 August 2018 Important Notice This presentation shall be read in conjunction with Manulife US REITs financial results announcement dated 6 August 2018 published on SGX Net. This

541 views • 35 slides
1Q 2018 Financial Results (1 Jan 2018 to 31 Mar 2018) 30 April 2018 Important Notice This

1Q 2018 Financial Results (1 Jan 2018 to 31 Mar 2018) 30 April 2018 Important Notice This

1Q 2018 Financial Results (1 Jan 2018 to 31 Mar 2018) 30 April 2018 Important Notice This presentation shall be read in conjunction with Manulife US REITs financial results announcement dated 2 May 2017 published on SGX Net. This

546 views • 30 slides
Brane Brain (Neuroscience) (Superstring theory) 2 Deep Learning cat AdS/CFT [Maldacena

Brane Brain (Neuroscience) (Superstring theory) 2 Deep Learning cat AdS/CFT [Maldacena

KIAS, 26 March, 2018 Cquest, Sogang u., 29 March, 2018 MIT, CTP, 4 Apr, 2018 MPI, AEI, 13 Apr, 2018 H ET group, Osaka, 30 May, 2018 DLAP2018 workshop, 1 June, 2018 Deep Learning and AdS/CFT Koji Hashimoto (Osaka u) ArXiv:1802.08313 w/ S.

405 views • 27 slides
2018-19 B 2018 19 Bud udget Proposal al Pre resentation D Dates Administrative February

2018-19 B 2018 19 Bud udget Proposal al Pre resentation D Dates Administrative February

Middle letown City ty S Sch chool D Distr tric ict 2018-19 B 2018 19 Bud udget Proposal al Pre resentation D Dates Administrative February 13, 2018 Capital, Benefits March 1, 2018 Revenue Discussion - March 15, 2018 2018

484 views • 7 slides
2018 First-Half Results (January 1, 2018 June 30, 2018) Video Webcast July 26, 2018

2018 First-Half Results (January 1, 2018 June 30, 2018) Video Webcast July 26, 2018

2018 First-Half Results (January 1, 2018 June 30, 2018) Video Webcast July 26, 2018 DISCLAIMER The financial statements for the six months ended June 30, 2017 and June 30, 2018 have been subject to a review by the auditors. All

546 views • 28 slides
IS-BAO 2018 Standard Differences October 2018 Why are we here today? The IS-BAO 2018

IS-BAO 2018 Standard Differences October 2018 Why are we here today? The IS-BAO 2018

IS-BAO 2018 Standard Differences October 2018 Why are we here today? The IS-BAO 2018 Standards structure is significantly improved from previous editions. This training will highlight these changes and orient operators to the new

296 views • 27 slides

More recommend