Feb. 6, 2024, 5:10 a.m. | Felix Linker David Basin

cs.CR updates on arXiv.org arxiv.org

Social authentication has been suggested as a usable authentication ceremony to replace manual key authentication in messaging applications. Using social authentication, chat partners authenticate their peers using digital identities managed by identity providers. In this paper, we formally define social authentication, present a protocol called SOAP that largely automates social authentication, formally prove SOAP's security, and demonstrate SOAP's practicality in two prototypes. One prototype is web-based, and the other is implemented in the open-source Signal messaging application.
Using SOAP, users …

applications authenticate authentication called chat cs.cr digital digital identities identities identity identity providers key managed messaging partners protocol prove security soap social

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

Issues Management & Risk Treatment Sr. Consultant

@ Northern Trust | Tempe, AZ Building 2190

Dir. DDIT ISC Enterprise Architecture AppSec

@ Novartis | Hyderabad (Office)

System Access Management Manager

@ Ingram Micro | CA - Irvine, HQ

Oracle Linux Systems Administrator

@ Leidos | 1662 Intelligence Community Campus - Bethesda MD

Senior Systems Engineer - AWS

@ CACI International Inc | 999 REMOTE