Incidental Incremental In-Band Fingerprint Verification: a Novel Authentication Ceremony for End-to-End Encrypted Messaging
| dc.contributor.author | Malkin, Nathan | |
| dc.date.accessioned | 2023-09-14T19:48:43Z | |
| dc.date.available | 2023-09-14T19:48:43Z | |
| dc.date.issued | 2022-10-24 | |
| dc.description.abstract | End-to-end encryption in popular messaging applications relies on centralized key servers. To keep these honest, users are supposed to meet in person and compare “fingerprints” of their public keys. Very few people do this, despite attempts to make this process more usable, making trust in the systems tenuous. To encourage broader adoption of verification behaviors, this paper proposes a new type of authentication ceremony, incidental incremental in-band fingerprint verification (I3FV), in which users periodically share with their friends photos or videos of themselves responding to simple visual or behavioral prompts (“challenges”). This strategy allows verification to be performed incidentally to normal user activities, incrementally over time, and in-band within the messaging application. By replacing a dedicated security task with a fun, alreadywidespread activity, I3FV has the potential to vastly increase the number of people verifying keys and therefore strengthen trust in encrypted messaging. | |
| dc.description.uri | https://doi.org/10.1145/3584318.3584326 | |
| dc.identifier | https://doi.org/10.13016/dspace/nxfn-vthz | |
| dc.identifier.citation | Nathan Malkin. 2022. Incidental Incremental In-Band Fingerprint Verification: a Novel Authentication Ceremony for End-to-End Encrypted Messaging. In New Security Paradigms Workshop (NSPW ’22), October 24–27, 2022, North Conway, NH, USA. ACM, New York, NY, USA, 13 pages. | |
| dc.identifier.uri | http://hdl.handle.net/1903/30504 | |
| dc.language.iso | en_US | |
| dc.publisher | Association for Computer Machinery (ACM) | |
| dc.relation.isAvailableAt | College of Computer, Mathematical & Natural Sciences | en_us |
| dc.relation.isAvailableAt | Computer Science | en_us |
| dc.relation.isAvailableAt | Digital Repository at the University of Maryland | en_us |
| dc.relation.isAvailableAt | University of Maryland (College Park, MD) | en_us |
| dc.title | Incidental Incremental In-Band Fingerprint Verification: a Novel Authentication Ceremony for End-to-End Encrypted Messaging | |
| dc.type | Article | |
| local.equitableAccessSubmission | No |