International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Security under Message-Derived Keys: Signcryption in iMessage

Mihir Bellare , UC San Diego
Igors Stepanovs , ETH Zürich
DOI: 10.1007/978-3-030-45727-3_17 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: EUROCRYPT 2020
Abstract: At the core of Apple's iMessage is a SignCryption scheme that involves symmetric encryption of a message under a key that is derived from the message itself. To capture this, we formalize a primitive we call Encryption under Message-Derived Keys (EMDK). We prove security of the EMDK scheme underlying iMessage. We use this to prove security of the SignCryption scheme itself, with respect to definitions of SignCryption we give that enhance prior ones to cover issues peculiar to messaging protocols. Our provable-security results are quantitative, and we discuss the practical implications for iMessage.
Video from EUROCRYPT 2020
  title={Security under Message-Derived Keys: Signcryption in iMessage},
  booktitle={39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings},
  series={Lecture Notes in Computer Science},
  keywords={SignCryption;Public-Key Encryption;Symmetric Encryption;Random Oracle Model;Messaging},
  author={Mihir Bellare and Igors Stepanovs},