Key Transparency

Key Transparency allows communicating parties to verify public keys used in end-to-end encryption.[1] In many end-to-end encryption services, to initiate communication a user will reach out to a central server and request the public keys of the user with which they wish to communicate.[2] If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched through the issuance of incorrect public keys. The communications can then be intercepted and manipulated.[3] Additionally, legal pressure could be applied by surveillance agencies to manipulate public keys and read messages.[2]

With Key Transparency, public keys are posted to a public log that can be universally audited.[4] Communicating parties can verify public keys used are accurate.[4]

See also

References

  1. ^ Malvai, Harjasleen; Kokoris-Kogias, Lefteris; Sonnino, Alberto; Ghosh, Esha (2023). "Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging". Cryptology ePrint Archive, Paper 2023/081. doi:10.14722/ndss.2023.24545. ISBN 978-1-891562-83-9.
  2. ^ a b Melara, Marcela S., Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. "{CONIKS}: Bringing key transparency to end users." In 24th USENIX Security Symposium (USENIX Security 15), pp. 383-398. 2015.
  3. ^ Bonneau, Joseph. "EthIKS: Using Ethereum to audit a CONIKS key transparency log." In International Conference on Financial Cryptography and Data Security, pp. 95-105. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016.
  4. ^ a b Chen, Brian, Yevgeniy Dodis, Esha Ghosh, Eli Goldin, Balachandar Kesavan, Antonio Marcedone, and Merry Ember Mou. "Rotatable zero knowledge sets: Post compromise secure auditable dictionaries with application to key transparency." In International Conference on the Theory and Application of Cryptology and Information Security, pp. 547-580. Cham: Springer Nature Switzerland, 2022.


Stub icon

This cryptography-related article is a stub. You can help Wikipedia by adding missing information.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.