2 Accepted Papers at CRYPTO 2023
The first paper is titled "Security Analysis of the WhatsApp End-to-End Encrypted Backup Protocol" and was written by Gareth T. Davies, Kai Gellert, Tobias Handirk, Máté Horvath and Tibor Jager from our group in cooperation with Sebastian Haller (IBM Research Europe, ETH Zurich) and Julia Hesse (IBM Research Zurich). We provide the first formal security analysis of the WhatsApp end-to-end encrypted backup protocol and show that it indeed provides strong protection of users' chat histories. We also show that a compromised server can, under certain conditions, make more password guesses than what previous analysis suggests.
The second paper is titled "On Optimal Tightness for Key Exchange with Full Forward Secrecy via Key Confirmation" and was written by Kai Gellert and Tibor Jager from our group in cooperation with Kristian Gjøsteen (NTNU Norway) and Håkon Jacobsen (Thales Norway, University of Oslo). We analyze that upgrading a key exchange protocol from weak forward secrecy and implicit authentication to full forward secrecy and explicit authentication via standard key confirmation messages always incurs a linear tightness loss in the number of users, uncovering a flaw in a previous tightness analysis by Cohn-Gorden et al. (CRYPTO 2019). In this work, we restore the original claim by Cohn-Gordon et al. by using a different proof strategy.
Both papers will be presented at the CRYPTO 2023 conference in Santa Barbara, USA, which will take place from August 19-24 this year.