Related papers: Kintsugi: Decentralized E2EE Key Recovery
The advent of end-to-end encrypted (E2EE) messaging and backup services has brought new challenges for usable authentication. Compared to regular web services, the nature of E2EE implies that the provider cannot recover data for users who…
In the era of social media and messaging applications, people are becoming increasingly aware of data privacy issues associated with such apps. Major messaging applications are moving towards end-to-end encryption (E2EE) to give their users…
End-to-End Encryption (E2EE) aims to make all messages impossible to read by anyone except you and your intended recipient(s). Many well-known and widely used Instant-Messaging (IM) applications (such as Signal, WhatsApp, and Apple's…
Human memory is not perfect - people constantly memorize new facts and forget old ones. One example is forgetting a password, a common problem raised at IT help desks. We present several protocols that allow a user to automatically recover…
End-to-end encrypted (E2EE) messaging is an essential first step in providing message confidentiality. Unfortunately, all security guarantees of end-to-end encryption are lost when keys or plaintext are disclosed, either due to device…
Cloud computing for storing data and running complex algorithms have been steadily increasing. As connected IoT devices such as wearable ECG recorders generally have less storage and computational capacity, acquired signals get sent to a…
Security against simple eavesdropping attacks is demonstrated for a recently proposed quantum key distribution protocol which uses the Fibonacci recursion relation to enable high-capacity key generation with entangled photon pairs. No…
Users' devices, e.g., smartphones or laptops, are typically incapable of securely storing and processing cryptographic keys. We present Tandem, a novel set of protocols for securing cryptographic keys with support from a central server.…
The disruptive technology of blockchain can deliver secure solutions without the need for a central authority. In blockchain protocols, assets that belong to a participant are controlled through the private key of an asymmetric key pair…
End-to-end encryption (E2EE) has emerged as a fundamental element of modern digital communication, protecting data from unauthorized access during transmission. By design, E2EE ensures that only the intended recipient can decrypt the…
The content host services (like Dropbox, OneDrive, and Google Drive) used by enterprise customers are deployed either on premise or in cloud. Because users may store business-sensitive data (contents) in these hosting services, they may…
In this paper, we proposed an identification and data encrypt key manage protocol that can be used in some security system based on such secure devices as secure USB memories or RFIDs, which are widely used for identifying persons or other…
In secure Online Social Networks (OSN), often end-to-end encryption approaches are used. This ensures the privacy of communication between the participants. To manage, store, or transfer the cryptographic keys from one device to another…
An attacker that gains access to a cryptocurrency user's private keys can perform any operation in her stead. Due to the decentralized nature of most cryptocurrencies, no entity can revert those operations. This is a central challenge for…
We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on password-authenticated key exchange (PAKE). This not…
We explore an emerging threat model for end-to-end (E2E) encrypted applications: an adversary sends chosen messages to a target client, thereby "injecting" adversarial content into the application state. Such state is subsequently encrypted…
Device-independent quantum cryptographic schemes aim to guarantee security to users based only on the output statistics of any components used, and without the need to verify their internal functionality. Since this would protect users…
Many users would prefer the privacy of end-to-end encryption in their online communications if it can be done without significant inconvenience. However, because existing key distribution methods cannot be fully trusted enough for automatic…
A fundamental concern of any secure group communication system is key management and wireless environments create new challenges. One core requirement in these emerging networks is self-healing. In systems where users can be offline and…
The rapid development of IoT networks has led to a research trend in designing effective security features for them. Due to the power-constrained nature of IoT devices, the security features should remain as lightweight as possible.…