Paper 2020/224

Security under Message-Derived Keys: Signcryption in iMessage

Mihir Bellare and Igors Stepanovs

Abstract

At the core of Apple's iMessage is a signcryption scheme that involves symmetric encryption of a message under a key that is derived from the message itself. This motivates us to formalize a primitive we call Encryption under Message-Derived Keys (EMDK). We prove security of the EMDK scheme underlying iMessage. We use this to prove security of the signcryption scheme itself, with respect to definitions of signcryption we give that enhance prior ones to cover issues peculiar to messaging protocols. Our provable-security results are quantitative, and we discuss the practical implications for iMessage.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2020
Keywords
SigncryptionPublic-Key EncryptionSymmetric EncryptionRandom Oracle ModelMessaging
Contact author(s)
istepanovs @ inf ethz ch
mihir @ eng ucsd edu
History
2020-12-09: last of 3 revisions
2020-02-21: received
See all versions
Short URL
https://ia.cr/2020/224
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/224,
      author = {Mihir Bellare and Igors Stepanovs},
      title = {Security under Message-Derived Keys: Signcryption in iMessage},
      howpublished = {Cryptology ePrint Archive, Paper 2020/224},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/224}},
      url = {https://eprint.iacr.org/2020/224}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.