CONIKS: A Privacy-Preserving Consistent Key Service for Secure End-to-End Communication

Recent revelations about government surveillance have significantly increased the demand for end-to-end secure communications. However, key management remains a major barrier to adoption. Current systems are often either vulnerable to a malicious or coerced key directory or they make unrealistic assumptions about user behavior, for example, that users will verify key fingerprints out of band. We present CONIKS, a system that provides automated key management for end users capable of seamless integration into existing secure messaging applications. In CONIKS, key servers maintain consistent directories of username-to-public key bindings that allow participants to detect any equivocation or unexpected key changes by malicious key servers. CONIKS also preserves user’s privacy by ensuring that adversaries cannot harvest large numbers of usernames from the directories. Our prototype chat application extends the Off-the-Record Messaging plug-in for Pidgin. A single commodity server can support up to 10 million users and clients need only download less than 100 kB per day of additional data.