Paper 2023/1515

OPTIKS: An Optimized Key Transparency System

Julia Len, Cornell Tech
Melissa Chase, Microsoft Research Redmond
Esha Ghosh, Microsoft Research Redmond
Kim Laine, Microsoft Research Redmond
Radames Cruz Moreno, Microsoft Research Redmond
Abstract

Key Transparency (KT) refers to a public key distribution system with transparency mechanisms proving its correct operation, i.e., proving that it reports consistent values for each user's public key. While prior work on KT systems have offered new designs to tackle this problem, relatively little attention has been paid on the issue of scalability. Indeed, it is not straightforward to actually build a scalable and practical KT system from existing constructions, which may be too complex, inefficient, or non-resilient against machine failures. In this paper, we present OPTIKS, a full featured and optimized KT system that focuses on scalability. Our system is simpler and more performant than prior work, supporting smaller storage overhead while still meeting strong notions of security and privacy. Our design also incorporates a crash-tolerant and scalable server architecture, which we demonstrate by presenting extensive benchmarks. Finally, we address several real-world problems in deploying KT systems that have received limited attention in prior work, including account decommissioning and user-to-device mapping.

Note: This is the full version.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. USENIX Security '24
Keywords
transparencykey transparency
Contact author(s)
jl3836 @ cornell edu
melissac @ microsoft com
esha ghosh @ microsoft com
kim laine @ microsoft com
radames cruz @ microsoft com
History
2024-08-15: revised
2023-10-04: received
See all versions
Short URL
https://ia.cr/2023/1515
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1515,
      author = {Julia Len and Melissa Chase and Esha Ghosh and Kim Laine and Radames Cruz Moreno},
      title = {{OPTIKS}: An Optimized Key Transparency System},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1515},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1515}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.