Towards secure asynchronous messaging with forward secrecy and mutual authentication
Instant messaging applications like WhatsApp and iMessage are widely used to exchange public and private information by both individuals and organizations. At the same time, the asynchronous nature of these applications introduces various security issues. To this end, considerable effort has been made to strengthen the security and privacy of these applications, where a major goal is to achieve forward secrecy for asynchronous messaging without sacrificing other reasonable security properties. In this paper, we mainly focus on forward-secure zero round-trip time (0-RTT) key exchange protocols. Such a protocol enables a user to send encrypted application data along with the first protocol message, and is thus especially suitable for securing asynchronous messaging. Concretely, we introduce a new cryptographic primitive dubbed puncturable identity-based matchmaking key encapsulation mechanism (PIB-MKEM). It captures the authenticity of ciphertexts, and also allows a receiver to repeatedly update his/her secret key with a puncture algorithm. Based on PIB-MKEM, we further put forth a generic construction of a 0-RTT key exchange protocol that simultaneously enjoys forward secrecy, mutual authentication and replay resistance. We also present a concrete construction of PIB-MKEM, which immediately instantiates the above generic 0-RTT key exchange protocol. Moreover, we implement the proposed PIB-MKEM construction and provide extensive evaluations to demonstrate its practicability.
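The interface the abstract describes (encapsulate under a tag, decapsulate once, then puncture the receiver's key so the same tag can never be decapsulated again, with the ciphertext bound to the sender's identity) can be illustrated with a toy. The block below is an added example and is not the paper's PIB-MKEM construction: it is a public-key (not identity-based) stand-in, built from static/ephemeral Diffie-Hellman over a deliberately tiny and insecure group (`P`, `G` are constructed toy parameters), in which the receiver keeps one secret exponent per tag and puncturing simply deletes it. The class and function names are assumptions chosen for the example.

```python
import hashlib
import hmac
import secrets

# Toy group parameters, constructed for illustration only; far too small to be secure.
P = 2**127 - 1   # Mersenne prime used as the modulus
G = 5            # base element; chosen for the toy, not a vetted generator


def ibytes(x: int) -> bytes:
    """Fixed-endian encoding of a group element for hashing."""
    return x.to_bytes((x.bit_length() + 7) // 8 or 1, "big")


def derive(ss: int, sa: int, sender_pk: int, tag: str):
    """Derive (session key, MAC key) from the ephemeral and static DH shares.

    ss = g^{xy} ties the key to this ciphertext; sa = g^{xs} ties it to the
    sender's static key, which is what gives the receiver sender authenticity.
    """
    transcript = b"||".join([ibytes(ss), ibytes(sa), ibytes(sender_pk), tag.encode()])
    k = hashlib.sha256(b"key||" + transcript).digest()
    mk = hashlib.sha256(b"mac||" + transcript).digest()
    return k, mk


class Sender:
    """Holds a long-term static key; its public half stands in for an identity."""

    def __init__(self):
        self._s = secrets.randbelow(P - 2) + 1
        self.pk = pow(G, self._s, P)

    def encaps(self, receiver_tag_pk: int, tag: str):
        y = secrets.randbelow(P - 2) + 1          # fresh ephemeral per ciphertext
        c = pow(G, y, P)
        ss = pow(receiver_tag_pk, y, P)           # g^{xy}
        sa = pow(receiver_tag_pk, self._s, P)     # g^{xs}
        k, mk = derive(ss, sa, self.pk, tag)
        mac = hmac.new(mk, ibytes(c), "sha256").digest()
        return k, (c, mac)


class Receiver:
    """One secret exponent per tag; puncture() erases the exponent for a tag."""

    def __init__(self, tags):
        self._sk = {t: secrets.randbelow(P - 2) + 1 for t in tags}
        self.pk = {t: pow(G, x, P) for t, x in self._sk.items()}  # published per-tag keys
        self.punctured = set()

    def puncture(self, tag: str):
        # Forward secrecy in the toy: once x_t is gone, nothing (not even a full
        # dump of self._sk afterwards) can recompute g^{x_t y} for that tag.
        self._sk.pop(tag, None)
        self.punctured.add(tag)

    def decaps(self, sender_pk: int, tag: str, ct):
        if tag not in self._sk:
            return None                            # punctured or unknown tag: reject (replay)
        x = self._sk[tag]
        c, mac = ct
        ss = pow(c, x, P)                          # (g^y)^x
        sa = pow(sender_pk, x, P)                  # (g^s)^x
        k, mk = derive(ss, sa, sender_pk, tag)
        expected = hmac.new(mk, ibytes(c), "sha256").digest()
        if not hmac.compare_digest(mac, expected):
            return None                            # ciphertext not from the claimed sender
        self.puncture(tag)                         # update the key before releasing k
        return k


def demo():
    """Exercise the three properties: correctness, replay rejection, sender authenticity."""
    alice = Sender()
    bob = Receiver(tags=[f"msg-{i}" for i in range(3)])

    k_send, ct = alice.encaps(bob.pk["msg-0"], "msg-0")
    k_recv = bob.decaps(alice.pk, "msg-0", ct)     # first delivery succeeds
    replay = bob.decaps(alice.pk, "msg-0", ct)     # same ciphertext again: None

    mallory = Sender()                             # claims to be alice on a fresh tag
    _, ct_m = mallory.encaps(bob.pk["msg-1"], "msg-1")
    impersonation = bob.decaps(alice.pk, "msg-1", ct_m)

    return {
        "agree": k_send == k_recv,
        "replay": replay,
        "impersonation": impersonation,
        "punctured": sorted(bob.punctured),
        "msg-1 still usable": "msg-1" in bob._sk,
    }


if __name__ == "__main__":
    print(demo())
```

The receiver punctures before handing the key to the application, so a crash between the two steps errs on the side of losing a message rather than accepting a replay. Note that a failed authenticity check does not puncture the tag; otherwise an attacker could burn a receiver's tags with garbage ciphertexts.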
Open access status: this publication is not available as open access.
Funder: National Natural Science Foundation of China