Detecting and preventing active attacks against AutocryptΒΆ

  • 1. Introduction
    • 1.1. Attack model and terminology
    • 1.2. Problems of current key-verification techniques
    • 1.3. Integrating key verification with general workflows
    • 1.4. Supplementary key consistency through ClaimChains
    • 1.5. Detecting inconsistencies through Gossip and DKIM
  • 2. Securing communications against network adversaries
    • 2.1. Setup Contact protocol
    • 2.2. Verified Group protocol
    • 2.3. History-verification protocol
    • 2.4. Verifying keys through onion-queries
  • 3. Key consistency with ClaimChains
    • 3.1. High level overview of the ClaimChain design
    • 3.2. Use and architecture
    • 3.3. Evaluating ClaimChains to guide verification
  • 4. Using Autocrypt key gossip to guide key verification
    • 4.1. Attack Scenarios
    • 4.2. Probability of detecting an attack through out of band verification
  • 5. Using DKIM signature checks to guide key verification
    • 5.1. DKIM Signatures on Autocrypt Headers
    • 5.2. Device loss and MITM attacks
    • 5.3. Open Questions

Logo

countermitm-0.10.0

  • Index
  • Download PDF
  • Github
  • IRC/freenode #nextleap
©2018. | Powered by Sphinx 1.8.5 & Alabaster 0.7.12 | Page source