The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
메시지 프랭킹은 Facebook에서 엔드투엔드 암호화 메시징 서비스에 도입했습니다. 이를 통해 Facebook에서 생성된 보고 태그라고 하는 암호화 증거를 포함하여 검증 가능한 악성 메시지 보고서를 생성할 수 있습니다. 최근 Grubbs et al. (CRYPTO'17)은 메시지 프랭킹에 대한 공식적인 연구를 진행하고 메시지 프랭킹을 얻기 위한 핵심 기본 요소로 CAEAD(연관된 데이터로 인증된 암호화 커밋)를 도입했습니다. 이 작업에서는 메시지 프랭킹의 보안을 강화하고 메시지 프랭킹에 대한 보고 태그의 업데이트 및 보안을 도입하는 것을 목표로 합니다. 순방향 보안은 현재 키가 노출되더라도 과거 키와 관련된 보안을 보장하며, 보고 태그를 업데이트하면 키가 업데이트된 후 악성 메시지를 보고할 수 있습니다. 이를 위해 우리는 먼저 추가 키 및 보고 태그 업데이트 알고리즘을 포함하여 업데이트 가능한 보고 태그를 사용하여 키 진화 메시지 프랭킹 개념을 제안합니다. 그런 다음 기밀성, 암호문 무결성, 위조 불가능성, 수신자 바인딩 및 발신자 바인딩이라는 XNUMX가지 보안 요구 사항을 공식화합니다. 마지막으로 CAEAD 기반의 업데이트 가능한 보고 태그, 순방향 보안 의사 난수 생성기 및 업데이트 가능한 메시지 인증 코드를 갖춘 순방향 보안 메시지 프랭킹의 구성을 보여줍니다.
Hiroki YAMAMURO
Tokyo Institute of Technology
Keisuke HARA
National Institute of Advanced Industrial Science and Technology (AIST),Yokohama National University
Masayuki TEZUKA
Tsuruoka College
Yusuke YOSHIDA
Tokyo Institute of Technology
Keisuke TANAKA
Tokyo Institute of Technology
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
부
Hiroki YAMAMURO, Keisuke HARA, Masayuki TEZUKA, Yusuke YOSHIDA, Keisuke TANAKA, "Forward Secure Message Franking with Updatable Reporting Tags" in IEICE TRANSACTIONS on Fundamentals,
vol. E106-A, no. 9, pp. 1164-1176, September 2023, doi: 10.1587/transfun.2022DMP0004.
Abstract: Message franking is introduced by Facebook in end-to-end encrypted messaging services. It allows to produce verifiable reports of malicious messages by including cryptographic proofs, called reporting tags, generated by Facebook. Recently, Grubbs et al. (CRYPTO'17) proceeded with the formal study of message franking and introduced committing authenticated encryption with associated data (CAEAD) as a core primitive for obtaining message franking. In this work, we aim to enhance the security of message franking and introduce forward security and updates of reporting tags for message franking. Forward security guarantees the security associated with the past keys even if the current keys are exposed and updates of reporting tags allow for reporting malicious messages after keys are updated. To this end, we firstly propose the notion of key-evolving message franking with updatable reporting tags including additional key and reporting tag update algorithms. Then, we formalize five security requirements: confidentiality, ciphertext integrity, unforgeability, receiver binding, and sender binding. Finally, we show a construction of forward secure message franking with updatable reporting tags based on CAEAD, forward secure pseudorandom generator, and updatable message authentication code.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2022DMP0004/_p
부
@ARTICLE{e106-a_9_1164,
author={Hiroki YAMAMURO, Keisuke HARA, Masayuki TEZUKA, Yusuke YOSHIDA, Keisuke TANAKA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Forward Secure Message Franking with Updatable Reporting Tags},
year={2023},
volume={E106-A},
number={9},
pages={1164-1176},
abstract={Message franking is introduced by Facebook in end-to-end encrypted messaging services. It allows to produce verifiable reports of malicious messages by including cryptographic proofs, called reporting tags, generated by Facebook. Recently, Grubbs et al. (CRYPTO'17) proceeded with the formal study of message franking and introduced committing authenticated encryption with associated data (CAEAD) as a core primitive for obtaining message franking. In this work, we aim to enhance the security of message franking and introduce forward security and updates of reporting tags for message franking. Forward security guarantees the security associated with the past keys even if the current keys are exposed and updates of reporting tags allow for reporting malicious messages after keys are updated. To this end, we firstly propose the notion of key-evolving message franking with updatable reporting tags including additional key and reporting tag update algorithms. Then, we formalize five security requirements: confidentiality, ciphertext integrity, unforgeability, receiver binding, and sender binding. Finally, we show a construction of forward secure message franking with updatable reporting tags based on CAEAD, forward secure pseudorandom generator, and updatable message authentication code.},
keywords={},
doi={10.1587/transfun.2022DMP0004},
ISSN={1745-1337},
month={September},}
부
TY - JOUR
TI - Forward Secure Message Franking with Updatable Reporting Tags
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1164
EP - 1176
AU - Hiroki YAMAMURO
AU - Keisuke HARA
AU - Masayuki TEZUKA
AU - Yusuke YOSHIDA
AU - Keisuke TANAKA
PY - 2023
DO - 10.1587/transfun.2022DMP0004
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E106-A
IS - 9
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - September 2023
AB - Message franking is introduced by Facebook in end-to-end encrypted messaging services. It allows to produce verifiable reports of malicious messages by including cryptographic proofs, called reporting tags, generated by Facebook. Recently, Grubbs et al. (CRYPTO'17) proceeded with the formal study of message franking and introduced committing authenticated encryption with associated data (CAEAD) as a core primitive for obtaining message franking. In this work, we aim to enhance the security of message franking and introduce forward security and updates of reporting tags for message franking. Forward security guarantees the security associated with the past keys even if the current keys are exposed and updates of reporting tags allow for reporting malicious messages after keys are updated. To this end, we firstly propose the notion of key-evolving message franking with updatable reporting tags including additional key and reporting tag update algorithms. Then, we formalize five security requirements: confidentiality, ciphertext integrity, unforgeability, receiver binding, and sender binding. Finally, we show a construction of forward secure message franking with updatable reporting tags based on CAEAD, forward secure pseudorandom generator, and updatable message authentication code.
ER -