Sky Seminar: Esha Ghosh (MSR Redmond) – Key Transparency: From Theory to Practice


Speaker: Esha Ghosh
Location: Soda 510
Date: November 15th, 2024
Time: 12pm-1pm PDT

Title: Key Transparency: From Theory to Practice

Abstract:
End-to-end encryption (E2EE) in messaging and calling/meeting apps have become ubiquitous in the past few years. Security of end-to-end encrypted communication apps crucially rely on the assumption that the user has the correct identity public key for the person they wish to establish an encrypted communication channel with. Traditionally, E2EE communication systems have required the user to perform cumbersome manual checks to establish the authenticity of these identity public keys, e.g. by physically scanning QR codes, or by verbally reading a fingerprint. In practice, these verifications are rarely performed.

Key Transparency (KT) allows much of this verification to be automated. Service providers that support KT  regularly publish a commitment to the identity key directory; this commitment must be publicly and consistently visible to all users.  Every key request is accompanied by a proof that the key is correct with respect to the committed directory.  Finally, the user’s device regularly monitors the committed directory to ensure that the user’s key is correctly reflected.

In this talk, I will first l introduce KT and briefly discuss its academic literature. Then I will talk about some of the challenges that come up in adopting academic designs to large scale deployments, and how that opens up new research directions. I will conclude this talk with a discussion of active research and open problems in  the intersection of database systems, distributed consensus and cryptographic protocol design in KT.

Bio:
Esha Ghosh is a Principal Researcher in the Cryptography group at Microsoft Research, Redmond, USA. Most recently she has been working on key transparency and authentication for end-to-end encrypted communication systems. Her work on key transparency is being used in the deployments by WhatsApp and Proton Key Transparency. Her paper Parakeet has won the IRTF 2024 Applied Network Research Prize. Apart from key transparency, Esha is interested in key management, decentralized identity, encrypted graph search and authenticated data structures. She has also worked on privacy attacks on applications deploying ML models. Before joining Microsoft Research, Esha graduated from Brown University.