Key Transparency

Key Transparency allows communicating parties to verify public keys used in end-to-end encryption.^[1] In many end-to-end encryption services, to initiate communication a user will reach out to a central server and request the public keys of the user with which they wish to communicate.^[2] If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched and communications can be intercepted and manipulated.^[3] Additionally, legal pressure could be applied by surveillance agencies to manipulate public keys and read messages.^[2]

With Key Transparency, public keys are posted to a public log that can be universally audited.^[4] Communicating parties can verify public keys used are accurate.^[4]

References[edit]

^ Malvai, Harjasleen; Kokoris-Kogias, Lefteris; Sonnino, Alberto; Ghosh, Esha (2023). "Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging". Cryptology ePrint Archive, Paper 2023/081. doi:10.14722/ndss.2023.24545.
^ ^a ^b Melara, Marcela S., Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. "{CONIKS}: Bringing key transparency to end users." In 24th USENIX Security Symposium (USENIX Security 15), pp. 383-398. 2015.
^ Bonneau, Joseph. "EthIKS: Using Ethereum to audit a CONIKS key transparency log." In International Conference on Financial Cryptography and Data Security, pp. 95-105. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016.
^ ^a ^b Chen, Brian, Yevgeniy Dodis, Esha Ghosh, Eli Goldin, Balachandar Kesavan, Antonio Marcedone, and Merry Ember Mou. "Rotatable zero knowledge sets: Post compromise secure auditable dictionaries with application to key transparency." In International Conference on the Theory and Application of Cryptology and Information Security, pp. 547-580. Cham: Springer Nature Switzerland, 2022.

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[Malvai2023-1] Malvai, Harjasleen; Kokoris-Kogias, Lefteris; Sonnino, Alberto; Ghosh, Esha (2023). "Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging". Cryptology ePrint Archive, Paper 2023/081. doi:10.14722/ndss.2023.24545.

[coniks2015-2] Melara, Marcela S., Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. "{CONIKS}: Bringing key transparency to end users." In 24th USENIX Security Symposium (USENIX Security 15), pp. 383-398. 2015.

[3] Bonneau, Joseph. "EthIKS: Using Ethereum to audit a CONIKS key transparency log." In International Conference on Financial Cryptography and Data Security, pp. 95-105. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016.

[Chen2022-4] Chen, Brian, Yevgeniy Dodis, Esha Ghosh, Eli Goldin, Balachandar Kesavan, Antonio Marcedone, and Merry Ember Mou. "Rotatable zero knowledge sets: Post compromise secure auditable dictionaries with application to key transparency." In International Conference on the Theory and Application of Cryptology and Information Security, pp. 547-580. Cham: Springer Nature Switzerland, 2022.

[1]

[2]

[3]

[4]

See also[edit]

References[edit]