Please note: This PhD seminar will be given online.
Sebastian Reynaldo Verschoor, PhD candidate
David R. Cheriton School of Computer Science
Supervisor: Professor Michele Mosca
Secure messaging applications establish a secure channel between two long-term public keys. Additional key authentication assures users that these public keys actually belong to the intended parties, preventing attacks such as person-in-the-middle. Off-the-Record Messaging provides a unique solution in the form of the socialist millionaire protocol (SMP), which allows user-friendly in-band key authentication based on a low-entropy shared secret between the users. This solution relies on Diffie-Hellman and other discrete-logarithm-based primitives and is therefore vulnerable to quantum attacks using Shor's algorithm.
I propose a post-quantum replacement for the SMP, based on techniques from private set intersection. The protocol builds (a version of) a private equality test from oblivious transfers, which in turn are constructed from post-quantum key encapsulation mechanisms. I give a security argument in the simple universal composability framework, and I provide a prototype implementation in C to demonstrate that the solution is practical. In the talk I give an overview of the protocol construction and discuss the considerations that led to the current solution.
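To make the layering in the abstract concrete, the following is an added illustration (not the speaker's protocol or prototype): a textbook one-sided private equality test built on 1-out-of-2 oblivious transfer, written in Python. The oblivious transfer here is an idealized stand-in (a trusted function) for the KEM-based OT the talk describes; hashing the low-entropy secret to a fixed bit string, the 128-bit key length and the one-sided output (only Alice learns the result) are assumptions of this example. Both parties' secrets are constructed inline.

```python
import hashlib
import secrets


def ideal_ot(sender_pair, receiver_choice):
    """Idealized 1-out-of-2 oblivious transfer.

    Stand-in for a real (e.g. KEM-based) OT: the receiver learns only
    sender_pair[receiver_choice] and the sender learns nothing about
    receiver_choice. A trusted function plays that role in this example.
    """
    m0, m1 = sender_pair
    return m1 if receiver_choice else m0


def secret_to_bits(secret: bytes, n_bits: int):
    """Map a (possibly low-entropy) shared secret to a fixed-length bit list.

    Assumption of this example: SHA-256 of the secret, truncated to n_bits,
    is what the parties actually compare (equal hashes <=> equal secrets w.h.p.).
    """
    value = int.from_bytes(hashlib.sha256(secret).digest(), "big")
    return [(value >> i) & 1 for i in range(n_bits)]


def private_equality_test(alice_secret: bytes, bob_secret: bytes, n_bits: int = 128) -> bool:
    """One-sided private equality test from n_bits oblivious transfers.

    Bob (sender) samples two fresh random keys per bit position. Alice
    (receiver) obtains, via OT, exactly the key matching her own bit at each
    position. Bob publishes a hash over the keys matching *his* bits. Alice
    can reproduce that hash only if her bits equal Bob's at every position;
    if they differ anywhere she is missing at least one key and learns only
    that the secrets differ. Bob learns nothing from the OTs.
    """
    a = secret_to_bits(alice_secret, n_bits)
    b = secret_to_bits(bob_secret, n_bits)

    # Bob: one independent random key pair per bit position.
    bob_keys = [(secrets.token_bytes(16), secrets.token_bytes(16)) for _ in range(n_bits)]

    # Alice: n_bits oblivious transfers, choice bit = her own secret bit.
    alice_keys = [ideal_ot(bob_keys[i], a[i]) for i in range(n_bits)]

    # Bob's tag commits to the keys selected by his own bits; sent to Alice.
    bob_tag = hashlib.sha256(b"".join(bob_keys[i][b[i]] for i in range(n_bits))).digest()

    # Alice recomputes the tag from what she received and compares in constant time.
    alice_tag = hashlib.sha256(b"".join(alice_keys)).digest()
    return secrets.compare_digest(alice_tag, bob_tag)


if __name__ == "__main__":
    # Constructed sample inputs: a low-entropy secret both users typed.
    print(private_equality_test(b"bike shed 1999", b"bike shed 1999"))  # True
    print(private_equality_test(b"bike shed 1999", b"bike shed 1998"))  # False
```

As in the SMP, a low-entropy secret gives an attacker one guess per protocol run: a dishonest Bob who runs the test with a guessed secret learns nothing if the guess is wrong, and an honest Alice only ever learns a single bit of output. Replacing `ideal_ot` with an OT realised from a post-quantum KEM, and making the output two-sided with a security argument, is precisely the subject of the talk and is not attempted here.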
To join this PhD seminar on MS Teams, please go to https://teams.microsoft.com/l/meetup-join/19:meeting_YWZhZGQ4NzgtYTg0OS00YTQzLWFjZmItN2EwYTc0YjMyZjEz@thread.v2/0?context=%7B%22Tid%22:%22723a5a87-f39a-4a22-9247-3fc240c01396%22,%22Oid%22:%22fe80089b-3005-4397-ae62-3b12b09b38cd%22%7D.
200 University Avenue West
Waterloo, ON N2L 3G1