Abstract by Brad Spendlove
CONIKS Goes Mobile: Verifiable Public Key Infrastructure for Encrypted Messaging Apps
3M - Current encrypted messaging apps such as Signal and WhatsApp require users to verify one anothers' public keys to ensure secure communication. However, key verification is cumbersome and unusable, and many users unknowingly expose themselves to surveillance and impersonation by not completing it. CONIKS is a recent proposal for a public key infrastructure (PKI) system that lightens the verification burden on end users by requiring active monitoring of the user's key. We will investigate whether mobile devices are a suitable home for CONIKS clients by examining the client’s mobile performance and surveying mobile device liveness patterns. We will then make recommendations for how CONIKS can protect users from attacks on their secure communication.