Author_Institution :
Sch. of Comput. & Communiation Eng., Univ. of Sci. & Technol., Beijing, China
Abstract :
Recently, mobile services of ephemeral communications, such as Snapchat, are becoming increasingly popular because of their "burn after reading" functionality. However, recent events show that these services do not achieve the claimed functionality supporting truly self-destructing messages. In this paper, we address the problem of privacy protection in ephemeral communications involving untrusted service providers. We present SecureSnaps, a forward secrecy cryptosystem with self-destructing messages. In this system, we introduce a trusted module supervised by a trusted third party in order to ensure the security of user\´s private keys, so that untrusted service providers cannot access the communications among users. We take a new approach, called cryptographic counting control, to implement message\´s self-destruction functionality which meets the requirement for forward secrecy. By adopting this approach, no one, including the original sender, service provider, and key management module, can recover past messages once these messages have entered the "destroyed state". We prove that the proposed scheme is provably secure against chosen plaintext attacks. Our experiment results demonstrate its efficiency and practicality for large-size group of users.
Keywords :
data privacy; mobile computing; private key cryptography; trusted computing; SecureSnaps; Snapchat; burn after reading functionality; cryptographic counting control; ephemeral communication; forward secrecy cryptosystem; functionality supporting truly self-destructing message; key management module; mobile service; privacy protection; self-destruction functionality; trusted module; trusted third party; untrusted service provider; user private key; Encryption; Mobile communication; Privacy; Public key; Receivers; Broadcast Encryption; Counting Control; Ephemeral Communications; Forward Secrecy; Self-destructing Messages;
