Circumventing Cryptographic Deniability with Remote Attestation

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.authorGunn, Lachlanen_US
dc.contributor.authorVieitez Parra, Ricardoen_US
dc.contributor.authorAsokan, N.en_US
dc.contributor.departmentDepartment of Computer Scienceen
dc.contributor.groupauthorAdj. Prof Asokan N. groupen
dc.contributor.groupauthorHelsinki Institute for Information Technology (HIIT)en
dc.contributor.organizationDepartment of Computer Scienceen_US
dc.date.accessioned2019-09-20T11:10:19Z
dc.date.available2019-09-20T11:10:19Z
dc.date.issued2019-07-12en_US
dc.description.abstractDeniable messaging protocols allow two parties to have ‘off-the-record’ conversations without leaving any record that can convince external verifiers about what either of them said during the conversation. Recent events like the Podesta email dump underscore the importance of deniable messaging to politicians, whistleblowers, dissidents and many others. Consequently, messaging protocols like Signal and OTR are designed with cryptographic mechanisms to ensure deniable communication, irrespective of whether the communications partner is trusted. Many commodity devices today support hardware assisted remote attestation which can be used to convince a remote verifier of some property locally observed on the device. We show how an adversary can use remote attestation to undetectably generate a non-repudiable transcript from any deniable protocol (including messaging protocols) providing sender authentication, proving to skeptical verifiers what was said. We describe a concrete implementation of the technique using the Signal messaging protocol. We then show how to design protocols that are deniable even against an adversary capable of attestation, and in particular how attestation itself can be used to restore deniability by thwarting realistic classes of adversary.en
dc.description.versionPeer revieweden
dc.format.extent350–369
dc.format.mimetypeapplication/pdfen_US
dc.identifier.citationGunn, L, Vieitez Parra, R & Asokan, N 2019, Circumventing Cryptographic Deniability with Remote Attestation . in Proceedings on Privacy Enhancing Technologies . Proceedings on Privacy Enhancing Technologies, no. 3, vol. 2019, De Gruyter, pp. 350–369, Privacy Enhancing Technologies Symposium, Stockholm, Sweden, 16/07/2019 . https://doi.org/10.2478/popets-2019-0051en
dc.identifier.doi10.2478/popets-2019-0051en_US
dc.identifier.issn2299-0984
dc.identifier.otherPURE UUID: 42805f66-0157-4e15-9d41-4967f4a99cefen_US
dc.identifier.otherPURE ITEMURL: https://research.aalto.fi/en/publications/42805f66-0157-4e15-9d41-4967f4a99cefen_US
dc.identifier.otherPURE FILEURL: https://research.aalto.fi/files/36874074/_22990984_Proceedings_on_Privacy_Enhancing_Technologies_Circumventing_Cryptographic_Deniability_with_Remote_Attestation.pdfen_US
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/40300
dc.identifier.urnURN:NBN:fi:aalto-201909205326
dc.language.isoenen
dc.publisherDe Gruyter
dc.relation.ispartofPrivacy Enhancing Technologies Symposiumen
dc.relation.ispartofseriesProceedings on Privacy Enhancing Technologiesen
dc.relation.ispartofseriesVolume 2019, issue 3en
dc.rightsopenAccessen
dc.titleCircumventing Cryptographic Deniability with Remote Attestationen
dc.typeA4 Artikkeli konferenssijulkaisussafi
dc.type.versionpublishedVersion
Files