Following Edward Snowden’s revelations about government mass surveillance, end-to-end encryption is now widely available through services such as Facebook’s WhatsApp. The technique ensures that only the sender and the recipient can read a message. Dr. Jiangshan Yu at the University of Luxembourg has developed a solution to a longstanding problem in the field of end-to-end encryption: with current end-to-end encryption methods, if an attacker compromises a recipient’s device, he can then intercept, read and alter all future communications without the sender or recipient ever knowing. Dr. Yu’s solution, developed in collaboration with Prof. Mark Ryan (University of Birmingham) and Prof. Cas Cremers (University of Oxford), adds an extra layer of security, forcing attackers to leave evidence of any such activity and prompting users to take action.

The paper presenting the protocol, ‘DECIM: Detecting Endpoint Compromise in Messaging’, was published in the IEEE Transactions on Information Forensics and Security, a leading peer-reviewed journal in the field of computer security and cryptography. Dr. Yu, Research Associate at the University’s Interdisciplinary Centre for Security, Reliability and Trust (SnT), was motivated to undertake this research by the discovery of mass software vulnerabilities, such as the Heartbleed bug, that make the majority of devices vulnerable to compromise. “There are excellent end-to-end encryption services out there, but once a device has been compromised there’s little we can do. That’s the problem we wanted to solve,” he explained.


Current end-to-end encryption uses pairs of cryptographic ‘keys’, stored on the device, for the sender to encrypt and the recipient to decrypt messages; anyone wanting to read a user’s messages has to first hack into their phone to steal the latest keys. The attacker then performs a ‘man-in-the-middle’ (MITM) attack, for example by taking control of the user’s Wi-Fi router to intercept their messages, and uses the stolen keys to impersonate them.

Current encryption protocols, such as the Signal protocol used by WhatsApp, make the most of the fact that a MITM attacker can only intercept messages sent via the compromised network (in this case the Wi-Fi). For example, as soon as you send a message via 3G rather than the compromised Wi-Fi, the attacker will no longer be able to act as an intermediary. He will lose track of the keys and be locked out of the conversation.


Dr. Yu’s DECIM solution addresses the question of what to do when the attacker is in a position to intercept all of a user’s messages on a long-term basis. Both Internet Service Providers and messaging service operators are in such a position – all messages pass through their servers. Unlike an attack via WiFi, if the attacker obtains a customer’s keys, he might never be locked out of a conversation, and the customer would never know.

With DECIM, the recipient’s device automatically certifies new key pairs, storing the certificates in a tamper-resistant public ledger. For example, to prepare for receiving a message, a recipient’s device (let’s call the recipient Robert) certifies an encryption key, and publishes the certificate in the ledger. To send a message, the sender’s device (let’s call the sender Sally) uses a cryptographic process to fetch and verify the certified encryption key from the ledger. She then uses it to send a message to Robert, whose device opens it with the corresponding decryption key.

If an attacker wants to impersonate Robert, he will need to put a forged key certificate in the ledger, persuading Sally’s device to use a fake encryption key. However, the DECIM ledger supports automatic cryptographic proof generation and verification to ensure that the log cannot be tampered with. So, if Robert’s device detects forged certificates, it is sure evidence of an attacker impersonating him. The log also records device activity, so if Robert sees a record for a device that he hasn’t used recently it is again evidence of an attack.
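The following Python sketch is an added illustration of the mechanism described above; it is not code from the DECIM paper or its authors. It models the ledger as a simple append-only hash chain (a stand-in for the paper's cryptographic proofs), Robert's device certifying keys and auditing the log, and Sally's device fetching a key only if the log verifies and has only grown since she last looked; the entry format, the device names, and the `last_used` record of Robert's own device activity are assumptions of this sketch.

```python
import hashlib
import json

GENESIS = "0" * 64  # hash "before" the first entry

def _digest(prev_hash: str, entry: dict) -> str:
    return hashlib.sha256((prev_hash + json.dumps(entry, sort_keys=True)).encode()).hexdigest()

class Ledger:
    """Append-only hash chain (each hash commits to the previous one) standing in for DECIM's public log."""
    def __init__(self):
        self.entries = []  # list of (entry, hash) pairs
    def append(self, entry: dict) -> str:
        h = _digest(self.entries[-1][1] if self.entries else GENESIS, entry)
        self.entries.append((entry, h))
        return h
    def verify_chain(self) -> bool:
        prev = GENESIS  # editing any entry breaks every hash after it
        for entry, h in self.entries:
            if _digest(prev, entry) != h:
                return False
            prev = h
        return True

class RecipientDevice:
    """Robert's device: certifies its own keys and audits the log for entries it did not make."""
    def __init__(self, user: str, device_id: str):
        self.user, self.device_id, self.published = user, device_id, set()
    def certify_key(self, ledger: Ledger, pubkey: str, now: int) -> str:
        h = ledger.append({"user": self.user, "device": self.device_id, "key": pubkey, "t": now})
        self.published.add(h)
        return h
    def audit(self, ledger: Ledger, now: int, last_used: dict, idle_limit: int) -> list:
        alerts = []  # last_used: Robert's own record of when he last used each of his devices
        for entry, h in ledger.entries:
            if entry["user"] != self.user or h in self.published:
                continue
            if entry["device"] == self.device_id:
                alerts.append(("forged_certificate", h))  # in my name, but I never published it
            elif now - last_used.get(entry["device"], now) > idle_limit:
                alerts.append(("stale_device_activity", entry["device"]))
        return alerts

def fetch_recipient_key(ledger: Ledger, user: str, seen_len: int, seen_head: str):
    """Sally's device: accept the newest certified key only if the chain verifies and the prefix she saw earlier is unchanged."""
    prefix_ok = seen_len == 0 or (seen_len <= len(ledger.entries) and ledger.entries[seen_len - 1][1] == seen_head)
    if not (ledger.verify_chain() and prefix_ok):
        return None
    keys = [e["key"] for e, _ in ledger.entries if e["user"] == user]
    return keys[-1] if keys else None
```

Note that Sally's device happily accepts a forged certificate that was appended correctly to the chain; it is Robert's audit that catches it, which is exactly why the log must be public and the recipient's device must check it.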

Dr. Yu and his collaborators undertook a formal security analysis using the Tamarin prover, an automated tool that checks a protocol against all attacks expressible in its symbolic model, verifying DECIM’s capabilities. This is a rare step for a messaging protocol, and the same kind of analysis applied to other protocols has revealed several security flaws. “There’s no silver bullet in the field of end-to-end encryption”, says Dr. Yu, a member of SnT’s Critical and Extreme Security and Dependability Research Group (CritiX), “but we hope that our contribution can add an extra layer of security and help to level the playing field between users and attackers.”

Photo: © University of Luxembourg
