International Association for Cryptologic Research

CryptoDB

Igors Stepanovs

Publications

Year
Venue
Title
2024
EUROCRYPT
Symmetric Signcryption and E2EE Messaging in Keybase
Joseph Jaeger Akshaya Kumar Igors Stepanovs
We introduce a new cryptographic primitive called symmetric signcryption, which differs from traditional signcryption because the sender and recipient share a secret key. We prove that a natural composition of symmetric encryption and signatures achieves strong notions of security against attackers that can learn and control many keys. We then identify that the core encryption algorithm of the Keybase encrypted messaging protocol can be modeled as a symmetric signcryption scheme. We prove the security of this algorithm, though our proof requires assuming non-standard, brittle security properties of the underlying primitives.
2020
EUROCRYPT
Security under Message-Derived Keys: Signcryption in iMessage
Mihir Bellare Igors Stepanovs
At the core of Apple's iMessage is a SignCryption scheme that involves symmetric encryption of a message under a key that is derived from the message itself. To capture this, we formalize a primitive we call Encryption under Message-Derived Keys (EMDK). We prove security of the EMDK scheme underlying iMessage. We use this to prove security of the SignCryption scheme itself, with respect to definitions of SignCryption we give that enhance prior ones to cover issues peculiar to messaging protocols. Our provable-security results are quantitative, and we discuss the practical implications for iMessage.
2018
CRYPTO
Optimal Channel Security Against Fine-Grained State Compromise: The Safety of Messaging
Joseph Jaeger Igors Stepanovs
We aim to understand the best possible security of a (bidirectional) cryptographic channel against an adversary that may arbitrarily and repeatedly learn the secret state of either communicating party. We give a formal security definition and a proven-secure construction. This construction provides better security against state compromise than the Signal Double Ratchet Algorithm or any other known channel construction. To facilitate this we define and construct new forms of public-key encryption and digital signatures that update their keys over time.
2017
CRYPTO
2016
EUROCRYPT
2016
TCC
2016
TCC
2014
ASIACRYPT

Program Committees

PKC 2022