[Resource Topic] 2017/982: Mind the Gap: Where Provable Security and Real-World Messaging Don't Quite Meet

Welcome to the resource topic for 2017/982

Mind the Gap: Where Provable Security and Real-World Messaging Don’t Quite Meet

Authors: Katriel Cohn-Gordon, Cas Cremers


Secure messaging apps have enjoyed huge uptake, and with the headline figure of one billion active WhatsApp users there has been a corresponding burst of academic research on the topic. One might therefore wonder: how far is the academic community from providing concrete, applicable guarantees about the apps that are currently in widespread use? We argue that there are still significant gaps between the security properties that users might expect from a communication app, and the security properties that have been formally proven. These gaps arise from dubious technical assumptions, tradeoffs in the name of reliability, or simply features out of scope of the analyses. We survey these gaps, and discuss where the academic community can contribute. In particular, we encourage more transparency about analyses’ restrictions: the easier they are to understand, the easier they are to solve.

ePrint: https://eprint.iacr.org/2017/982

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .