{"title":"Blockchain-enabled End-to-End Encryption for Instant Messaging Applications","authors":"Raman Singh, Ark Nandan Singh Chauhan, H. Tewari","doi":"10.1109/WoWMoM54355.2022.00078","DOIUrl":null,"url":null,"abstract":"In this era of ubiquitous social media and messaging applications, users are becoming increasingly aware of the data privacy issues associated with such apps. Major messaging applications are moving towards end-to-end encryption (E2EE) to give their users the privacy they are demanding. However the current security mechanisms employed by different service providers are not unfeigned E2EE implementations, and are blended with many vulnerabilities. At present, the major part of the E2EE mechanism is controlled by the service provider’s servers, and the decryption keys are also stored by them in case of backup restoration. These shortcomings diminish user confidence in the privacy of their data when using these apps. A public key infrastructure (PKI) can be used to circumvent some of these issues, but it comes with high monetary costs, which makes it impossible to roll out on a global scale. This paper proposes a blockchain-based E2EE framework that can mitigate many of the contemporary vulnerabilities in today’s messaging applications. A user’s device generates the public/private key pair during application installation, and asks its mobile network operator (MNO) to issue a digital certificate and store it on a public blockchain. Any user can fetch a certificate for another user from the application server, and communicate securely with them using a ratchet forward encryption mechanism.","PeriodicalId":275324,"journal":{"name":"2022 IEEE 23rd International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 23rd International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WoWMoM54355.2022.00078","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
In this era of ubiquitous social media and messaging applications, users are becoming increasingly aware of the data privacy issues associated with such apps. Major messaging applications are moving towards end-to-end encryption (E2EE) to give their users the privacy they are demanding. However the current security mechanisms employed by different service providers are not unfeigned E2EE implementations, and are blended with many vulnerabilities. At present, the major part of the E2EE mechanism is controlled by the service provider’s servers, and the decryption keys are also stored by them in case of backup restoration. These shortcomings diminish user confidence in the privacy of their data when using these apps. A public key infrastructure (PKI) can be used to circumvent some of these issues, but it comes with high monetary costs, which makes it impossible to roll out on a global scale. This paper proposes a blockchain-based E2EE framework that can mitigate many of the contemporary vulnerabilities in today’s messaging applications. A user’s device generates the public/private key pair during application installation, and asks its mobile network operator (MNO) to issue a digital certificate and store it on a public blockchain. Any user can fetch a certificate for another user from the application server, and communicate securely with them using a ratchet forward encryption mechanism.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
