Key Transparency allows communicating parties to verify public keys used in end-to-end encryption.[1] In many end-to-end encryption services, to initiate communication a user will reach out to a central server and request the public keys of the user with which they wish to communicate.[2] If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched through the issuance of incorrect public keys. The communications can then be intercepted and manipulated.[3] Additionally, legal pressure could be applied by surveillance agencies to manipulate public keys and read messages.[2]
With Key Transparency, public keys are posted to a public log that can be universally audited.[4] Communicating parties can verify public keys used are accurate.[4]
See also
editReferences
edit- ^ Malvai, Harjasleen; Kokoris-Kogias, Lefteris; Sonnino, Alberto; Ghosh, Esha (2023). "Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging". Cryptology ePrint Archive, Paper 2023/081. doi:10.14722/ndss.2023.24545.
- ^ a b Melara, Marcela S., Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. "{CONIKS}: Bringing key transparency to end users." In 24th USENIX Security Symposium (USENIX Security 15), pp. 383-398. 2015.
- ^ Bonneau, Joseph. "EthIKS: Using Ethereum to audit a CONIKS key transparency log." In International Conference on Financial Cryptography and Data Security, pp. 95-105. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016.
- ^ a b Chen, Brian, Yevgeniy Dodis, Esha Ghosh, Eli Goldin, Balachandar Kesavan, Antonio Marcedone, and Merry Ember Mou. "Rotatable zero knowledge sets: Post compromise secure auditable dictionaries with application to key transparency." In International Conference on the Theory and Application of Cryptology and Information Security, pp. 547-580. Cham: Springer Nature Switzerland, 2022.