IBE-Signal: Reshaping Signal into a MITM-Attack-Resistant Protocol

Abstract

The Signal Protocol is one of the most popular privacy protocols today for protecting Internet chats and supports end-to-end encryption. Nevertheless, despite its many advantages, the Signal Protocol is not resistant to Man-In-The-Middle (MITM) attacks because a malicious server can distribute the forged identity-based public keys during the user registration phase. To address this problem, we proposed the IBE-Signal scheme that replaced the Extended Triple Diffie–Hellman (X3DH) key agreement protocol with enhanced Identity-Based Encryption (IBE). Specifically, the adoption of verifiable parameter initialization ensures the authenticity of system parameters. At the same time, the Identity-Based Signature (IBS) enables our scheme to support mutual authentication. Moreover, we proposed a distributed key generation mechanism that served as a risk decentralization to mitigate IBE’s key escrow problem. Besides, the proposed revocable IBE scheme is used for the revocation problem. Notably, the IND-ID-CPA security of the IBE-Signal scheme is proven under the random oracle model. Compared with the existing schemes, our scheme provided new security features of mutual authentication, perfect forward secrecy, post-compromise security, and key revocation. Experiments showed that the computational overhead is lower than that of other schemes when the Cloud Privacy Centers (CPCs) number is less than 8.