Systematization of threats and requirements for private messaging with untrusted servers. The case of E-mailing and instant messaging
English
Symeonidis, Iraklis[University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Lenzini, Gabriele[University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Feb-2020
International Conference on Information Systems Security and Privacy, Malta 25-27 February 2020
Yes
International
6th International Conference on Information Systems Security and Privacy
from 25-02-2020 to 27-02-2020
[en] Modern email and instant messaging applications often offer private communications. In doing so, they share common concerns about how security and privacy can be compromised, how they should face similar threats, and how to comply with comparable system requirements. Assuming a scenario where servers may not be trusted, we review and analyze a list of threats specifically against message delivering, archiving, and contact synchronization. We also describe a list of requirements intended for whom undertakes the task of implementing secure and private messaging. The cryptographic solutions available to mitigate the threats and to comply with the requirements may differ, as the two applications are built on different assumptions and technologies.