Abstract by Tarun Yadav

Personal Infomation

Presenter's Name

Tarun Yadav

Degree Level



Austin Kolander
Aaron Chan

Abstract Infomation


Computer Science

Faculty Advisor

Kent Seamons


Automating the Authentication Ceremony in Signal


End-to-end encryption is widely used in instant messaging applications like WhatsApp, Facebook, and Google Allo. The protocol used by these applications is vulnerable to an active attacker due to its reliance on a trusted key server. The current method to combat these attacks, known as the authentication ceremony, places the burden on users to manually verify each other's public key. This is time-consuming and confusing, and almost nobody adopts it. Our goal is to automate the authentication ceremony. In this talk, I will describe our research plan to (1) demonstrate that active impersonation and man-in-the-middle attacks are feasible by implementing them, (2) design solutions for automating the authentication ceremony, and (3) evaluate and compare how well each design defends against the attacks.