End-to-end encryption: Behind the scenes
A talk at
University of Cambridge Computer Laboratory,
Cambridge, UK, 26 Oct 2016
This is a joint talk with Diana Vasile, a repeat of a
talk we previously gave at Strange Loop.
Everyone is talking about “cloud computing”, a marketing term for “renting time on someone else’s
computers on the internet”. While the cloud is great from an efficiency point of view, it is
a potential security nightmare: applications have to blindly trust cloud providers that they will
preserve the integrity of the data and prevent unauthorised access. Data breaches and compromises of
cloud providers are a serious risk.
End-to-end encryption allows us to avoid having to blindly trust the servers. An early example is
PGP/GnuPG encrypted email, which never went mainstream, but more recent secure messaging apps like
WhatsApp, Signal and iMessage have shown that it is feasible for millions of people to use
end-to-end encryption without being security experts.
How do these protocols actually work? In this talk, we will give a friendly introduction to secure
messaging protocols — to understand the threats against which they defend, and how cryptographic
operations are combined to implement those defences in the protocol. If you have ever wondered what
“forward secrecy” means, how key exchange works, or how protocols can ensure you’re communicating
with the right person (not an impostor like a “man in the middle”), this talk will clear things up.
We will give a dramatic live performance of security protocols, guaranteed to make a dry subject