USENIX Security '24 - In-Depth Cryptographic Analysis of Delta Chat
This paper by Yuanming Song, Lenka Mareková, and Kenneth G. Paterson from ETH Zurich presents a comprehensive analysis of the cryptographic protocols that support Delta Chat.
USENIX
143 views • Nov 12, 2024
About this video
Cryptographic Analysis of Delta Chat
Yuanming Song, Lenka Mareková, and Kenneth G. Paterson, ETH Zurich
We analyse the cryptographic protocols underlying Delta Chat, a decentralised messaging application which uses e-mail infrastructure for message delivery. It provides end-to-end encryption by implementing the Autocrypt standard and the SecureJoin protocols, both making use of the OpenPGP standard. Delta Chat's adoption by categories of high-risk users such as journalists and activists, but also more generally users in regions affected by Internet censorship, makes it a target for powerful adversaries. Yet, the security of its protocols has not been studied to date. We describe five new attacks on Delta Chat in its own threat model, exploiting cross-protocol interactions between its implementation of SecureJoin and Autocrypt, as well as bugs in rPGP, its OpenPGP library. The findings have been disclosed to the Delta Chat team, who implemented fixes.
View the full USENIX Security '24 program at https://www.usenix.org/conference/usenixsecurity24/program
Yuanming Song, Lenka Mareková, and Kenneth G. Paterson, ETH Zurich
We analyse the cryptographic protocols underlying Delta Chat, a decentralised messaging application which uses e-mail infrastructure for message delivery. It provides end-to-end encryption by implementing the Autocrypt standard and the SecureJoin protocols, both making use of the OpenPGP standard. Delta Chat's adoption by categories of high-risk users such as journalists and activists, but also more generally users in regions affected by Internet censorship, makes it a target for powerful adversaries. Yet, the security of its protocols has not been studied to date. We describe five new attacks on Delta Chat in its own threat model, exploiting cross-protocol interactions between its implementation of SecureJoin and Autocrypt, as well as bugs in rPGP, its OpenPGP library. The findings have been disclosed to the Delta Chat team, who implemented fixes.
View the full USENIX Security '24 program at https://www.usenix.org/conference/usenixsecurity24/program
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
143
Likes
5
Duration
13:40
Published
Nov 12, 2024
Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.