Deniable Messaging Under Strong Surveillance

This is a Master's thesis from KTH/School of Electrical Engineering and Computer Science (EECS)

Author: Fredrik Johansson; [2018]

Keywords: Deniable Encryption; Security;

Abstract: In today’s society, people are more aware of the need for encryption to keep their private information safe. Chat apps like WhatsApp and Signal are therefore popular, since they allow people to communicate over encrypted instant messaging. However, normal encryption might not always be enough to keep the data safe. An adversary who can record and keep a transcript of everything a person sends over the Internet could force the person to reveal the key used for encryption and therefore learn what they sent. OTPKX is a protocol that prevents this with the help of deniable encryption, by giving a user the ability to create a fake message and key to show to the adversary. This thesis continues the work to create a protocol that gives deniability against an adversary that can record everything, force both sender and receiver to reveal their keys, and also has access to both devices. The protocol proposed in this thesis uses One Time Pad for encryption and for creating fake keys. A user creates both a real message and a fake message, combines them, and sends them to the receiver. Both users then have access to the fake message and can therefore both create the same fake key. The original key used for encryption is then replaced with the fake key, and the fake message is stored on the device. No evidence of the real message or key is stored, and the fake data is the same at the sender and receiver. We find that our protocol is Indistinguishable under Chosen-Ciphertext Attack and provides Integrity of Ciphertexts, and therefore gives integrity and confidentiality. The protocol also gives users deniability, so that they are protected against all attacker models in this thesis. The deniability could fail if an attacker has a keylogger on a user's device or if the attacker has access to a device without the user knowing about it.
The proof-of-concept implementation showed that it is possible to implement the protocol and have the same security and deniability at the cost of some performance. The biggest performance cost was replacing the original key with the fake key, which took most of the time when encrypting and decrypting. The total time for sending a message was around 40ms on a new device and around 620ms on an older device; receiving a message also took around 40ms on a new device and around 780ms on an older device. Normal symmetric encryption takes about 1ms, which is much faster than our implementation. However, in practice we do not believe this increase in time to be noticeable.
