On real-world cryptographic protocols for end-to-end encrypted backups and key confirmation / Tobias Handirk, M.Sc. Wuppertal, August 23, 2024
Inhalt
- Abstract
- Acronyms
- Introduction
- Preliminaries
- Notation
- Provable Security
- Cryptographic Building Blocks
- Cryptographic Hash Functions
- Symmetric Encryption
- Asymmetric Encryption
- Message Authentication Codes
- Digital Signatures
- Computational Problems
- The Random Oracle Model
- Key Confirmation
- On the Concrete Security of Key Confirmation
- End-to-End Encrypted Backup Protocols
- Security Analysis of the WhatsApp End-to-End Encrypted Backup Protocol
- Overview
- E2EE Backups in WhatsApp
- High-level Protocol Overview
- Client Registration
- Hardware Security Modules
- Secure Outsourced Storage
- WhatsApp Backup Protocol Description
- Extending the Number of Password Guesses
- Password-Protected Key Retrieval
- Security Analysis
- Password-Protected Key Retrieval with(out) HSM-Protection
- Overview
- Lev-1 Protocol: Basic Encrypt-to-HSM
- Lev-2 Protocol: Enhanced Encrypt-to-HSM
- Lev-3 Protocol: OPRF-based PPKR
- Evaluation & Discussion
- Conclusion
- Bibliography
- Comparison of the WBP to the OPAQUE Internet Draft Notation
- On not Using Proven OPAQUE Guarantees for the WBP
- Explicit entity authentication vs. explicit key authentication.