Key Transparency Explained
Key Transparency allows communicating parties to verify public keys used in end-to-end encryption.[1] In many end-to-end encryption services, a user initiates communication by asking a central server for the public keys of the user with whom they wish to communicate.[2] If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched and communications can be intercepted and manipulated.[3] Additionally, surveillance agencies could apply legal pressure to have public keys manipulated and messages read.
With Key Transparency, public keys are posted to a public log that can be universally audited.[4] Communicating parties can verify that the public keys used are accurate.
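The check described above, as an added example that is not part of the original article: a client verifies that the key a server hands out is the one committed in the audited log. It assumes the log is a Merkle tree with a published root (the article only says "public log"); all function names and the sample directory are hypothetical.

```python
import hashlib

def leaf_hash(user: str, pubkey: bytes) -> bytes:
    # Domain-separate leaves (0x00) from interior nodes (0x01).
    return hashlib.sha256(b"\x00" + user.encode() + b"\x00" + pubkey).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """Return all tree levels, leaves first; an odd last node is promoted unchanged."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
               for i in range(0, len(cur), 2)]
        levels.append(nxt)
    return levels

def inclusion_proof(levels, index):
    """Sibling hashes from leaf to root, each tagged with the sibling's side."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            proof.append(("L" if sib < index else "R", level[sib]))
        index //= 2
    return proof

def verify_key(user, pubkey, proof, trusted_root) -> bool:
    """Client check: does (user, pubkey) hash up to the root that auditors also see?"""
    h = leaf_hash(user, pubkey)
    for side, sib in proof:
        h = node_hash(sib, h) if side == "L" else node_hash(h, sib)
    return h == trusted_root

# Constructed sample directory (placeholder byte strings, not real keys).
DIRECTORY = [("alice", b"alice-pk"), ("bob", b"bob-pk"), ("carol", b"carol-pk")]
LEVELS = build_levels([leaf_hash(u, k) for u, k in DIRECTORY])
ROOT = LEVELS[-1][0]  # published root that clients and auditors compare

def lookup_check(user, served_key) -> bool:
    """Verify the key a server served for `user` against the logged commitment."""
    idx = [u for u, _ in DIRECTORY].index(user)
    return verify_key(user, served_key, inclusion_proof(LEVELS, idx), ROOT)

if __name__ == "__main__":
    print(lookup_check("bob", b"bob-pk"))       # key matches the log
    print(lookup_check("bob", b"attacker-pk"))  # substituted key is rejected
```

The guarantee depends on every client and auditor seeing the same root; a server that shows different roots to different parties has to be caught by comparing roots out of band.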
Notes and References
- Malvai, Harjasleen, Lefteris Kokoris-Kogias, Alberto Sonnino, and Esha Ghosh. "Parakeet: Practical Key Transparency for End-to-End Encrypted Messaging." Cryptology ePrint Archive, Paper 2023/081. 2023. doi:10.14722/ndss.2023.24545.
- Melara, Marcela S., Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman. ": Bringing key transparency to end users." In 24th USENIX Security Symposium (USENIX Security 15), pp. 383-398. 2015.
- Bonneau, Joseph. "EthIKS: Using Ethereum to audit a CONIKS key transparency log." In International Conference on Financial Cryptography and Data Security, pp. 95-105. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016.
- Chen, Brian, Yevgeniy Dodis, Esha Ghosh, Eli Goldin, Balachandar Kesavan, Antonio Marcedone, and Merry Ember Mou. "Rotatable zero knowledge sets: Post compromise secure auditable dictionaries with application to key transparency." In International Conference on the Theory and Application of Cryptology and Information Security, pp. 547-580. Cham: Springer Nature Switzerland, 2022.