The Many Faces of End-to-End Encryption and Their Security Analysis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Due to increased government surveillance as well as data breaches, end-to-end encryption has recently received an increasing attention as a way to protect against such threats. End-to-end (E2E) encryption preserve the confidentiality of data on the wire as well as from service providers by performing encryption/decryption at clients keeping the keys strictly within client devices. There are many variants of end-to-end encryption schemes for different communication patterns. In this paper, we systematically analyze the security of these different variants against three types of passive adversaries and one type of active adversaries. We show that the security of some of these systems are broken under these threat models and what can be done to ensure confidentiality in such systems. We also analyze the existing products in the market and show what level of security they provide. Our study shows that most of the E2E encrypted systems are secure against only the weakest passive adversaries. Further, these systems are broken not by cryptanalysis of underlying cryptographic algorithms but by flawed system designs and security assumptions. Specifically we identify that unencrypted metadata and access patterns make these systems susceptible to inference attacks. We conclude with general design guidelines to securely build such systems.

Original languageEnglish
Title of host publicationProceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages252-259
Number of pages8
ISBN (Electronic)9781538620175
DOIs
Publication statusPublished - 7 Sep 2017
Event1st IEEE International Conference on Edge Computing, EDGE 2017 - Honolulu, United States
Duration: 25 Jun 201730 Jun 2017

Other

Other1st IEEE International Conference on Edge Computing, EDGE 2017
CountryUnited States
CityHonolulu
Period25/6/1730/6/17

Fingerprint

Cryptography
Metadata
Systems analysis
Wire
Communication

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture

Cite this

Nabeel, M. (2017). The Many Faces of End-to-End Encryption and Their Security Analysis. In Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017 (pp. 252-259). [8029288] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/IEEE.EDGE.2017.47

The Many Faces of End-to-End Encryption and Their Security Analysis. / Nabeel, Mohamed.

Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 252-259 8029288.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Nabeel, M 2017, The Many Faces of End-to-End Encryption and Their Security Analysis. in Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017., 8029288, Institute of Electrical and Electronics Engineers Inc., pp. 252-259, 1st IEEE International Conference on Edge Computing, EDGE 2017, Honolulu, United States, 25/6/17. https://doi.org/10.1109/IEEE.EDGE.2017.47
Nabeel M. The Many Faces of End-to-End Encryption and Their Security Analysis. In Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 252-259. 8029288 https://doi.org/10.1109/IEEE.EDGE.2017.47
Nabeel, Mohamed. / The Many Faces of End-to-End Encryption and Their Security Analysis. Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 252-259
@inproceedings{9bba53ab176f466f9e90b9ae55922316,
title = "The Many Faces of End-to-End Encryption and Their Security Analysis",
abstract = "Due to increased government surveillance as well as data breaches, end-to-end encryption has recently received an increasing attention as a way to protect against such threats. End-to-end (E2E) encryption preserve the confidentiality of data on the wire as well as from service providers by performing encryption/decryption at clients keeping the keys strictly within client devices. There are many variants of end-to-end encryption schemes for different communication patterns. In this paper, we systematically analyze the security of these different variants against three types of passive adversaries and one type of active adversaries. We show that the security of some of these systems are broken under these threat models and what can be done to ensure confidentiality in such systems. We also analyze the existing products in the market and show what level of security they provide. Our study shows that most of the E2E encrypted systems are secure against only the weakest passive adversaries. Further, these systems are broken not by cryptanalysis of underlying cryptographic algorithms but by flawed system designs and security assumptions. Specifically we identify that unencrypted metadata and access patterns make these systems susceptible to inference attacks. We conclude with general design guidelines to securely build such systems.",
author = "Mohamed Nabeel",
year = "2017",
month = "9",
day = "7",
doi = "10.1109/IEEE.EDGE.2017.47",
language = "English",
pages = "252--259",
booktitle = "Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - The Many Faces of End-to-End Encryption and Their Security Analysis

AU - Nabeel, Mohamed

PY - 2017/9/7

Y1 - 2017/9/7

N2 - Due to increased government surveillance as well as data breaches, end-to-end encryption has recently received an increasing attention as a way to protect against such threats. End-to-end (E2E) encryption preserve the confidentiality of data on the wire as well as from service providers by performing encryption/decryption at clients keeping the keys strictly within client devices. There are many variants of end-to-end encryption schemes for different communication patterns. In this paper, we systematically analyze the security of these different variants against three types of passive adversaries and one type of active adversaries. We show that the security of some of these systems are broken under these threat models and what can be done to ensure confidentiality in such systems. We also analyze the existing products in the market and show what level of security they provide. Our study shows that most of the E2E encrypted systems are secure against only the weakest passive adversaries. Further, these systems are broken not by cryptanalysis of underlying cryptographic algorithms but by flawed system designs and security assumptions. Specifically we identify that unencrypted metadata and access patterns make these systems susceptible to inference attacks. We conclude with general design guidelines to securely build such systems.

AB - Due to increased government surveillance as well as data breaches, end-to-end encryption has recently received an increasing attention as a way to protect against such threats. End-to-end (E2E) encryption preserve the confidentiality of data on the wire as well as from service providers by performing encryption/decryption at clients keeping the keys strictly within client devices. There are many variants of end-to-end encryption schemes for different communication patterns. In this paper, we systematically analyze the security of these different variants against three types of passive adversaries and one type of active adversaries. We show that the security of some of these systems are broken under these threat models and what can be done to ensure confidentiality in such systems. We also analyze the existing products in the market and show what level of security they provide. Our study shows that most of the E2E encrypted systems are secure against only the weakest passive adversaries. Further, these systems are broken not by cryptanalysis of underlying cryptographic algorithms but by flawed system designs and security assumptions. Specifically we identify that unencrypted metadata and access patterns make these systems susceptible to inference attacks. We conclude with general design guidelines to securely build such systems.

UR - http://www.scopus.com/inward/record.url?scp=85032258813&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032258813&partnerID=8YFLogxK

U2 - 10.1109/IEEE.EDGE.2017.47

DO - 10.1109/IEEE.EDGE.2017.47

M3 - Conference contribution

AN - SCOPUS:85032258813

SP - 252

EP - 259

BT - Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -