Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Implementing a Fast, Memory–safe Axolotl Ratche...
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Jihyeok Seo
December 05, 2015
Research
0
120
Implementing a Fast, Memory–safe Axolotl Ratchet Protocol
2015 한국정보보호학회 동계학술대회 (CISC-W'15)
Jihyeok Seo
December 05, 2015
Tweet
Share
More Decks by Jihyeok Seo
See All by Jihyeok Seo
네이버 블로그를 백업해주는 exitnaver와 그 이야기
limeburst
0
130
Other Decks in Research
See All in Research
Satellites Reveal Mobility: A Commuting Origin-destination Flow Generator for Global Cities
satai
3
500
ドメイン知識がない領域での自然言語処理の始め方
hargon24
1
240
AI Agentの精度改善に見るML開発との共通点 / commonalities in accuracy improvements in agentic era
shimacos
4
1.3k
競合や要望に流されない─B2B SaaSでミニマム要件を決めるリアルな取り組み / Don't be swayed by competitors or requests - A real effort to determine minimum requirements for B2B SaaS
kaminashi
0
740
湯村研究室の紹介2025 / yumulab2025
yumulab
0
300
学習型データ構造:機械学習を内包する新しいデータ構造の設計と解析
matsui_528
6
3.1k
生成AIとうまく付き合うためのプロンプトエンジニアリング
yuri_ohashi
0
140
姫路市 -都市OSの「再実装」-
hopin
0
1.6k
[IBIS 2025] 深層基盤モデルのための強化学習 驚きから理論にもとづく納得へ
akifumi_wachi
19
9.6k
第二言語習得研究における 明示的・暗示的知識の再検討:この分類は何に役に立つか,何に役に立たないか
tam07pb915
0
1.2k
LLMアプリケーションの透明性について
fufufukakaka
0
140
20年前に50代だった人たちの今
hysmrk
0
140
Featured
See All Featured
AI Search: Where Are We & What Can We Do About It?
aleyda
0
7k
How to Think Like a Performance Engineer
csswizardry
28
2.4k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.7k
Music & Morning Musume
bryan
47
7.1k
Stop Working from a Prison Cell
hatefulcrawdad
273
21k
We Are The Robots
honzajavorek
0
160
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
120
Docker and Python
trallard
47
3.7k
Why Our Code Smells
bkeepers
PRO
340
58k
Everyday Curiosity
cassininazir
0
130
Java REST API Framework Comparison - PWX 2021
mraible
34
9.1k
We Have a Design System, Now What?
morganepeng
54
8k
Transcript
ࡅܰҊ ݫݽܻ–উೠ ইഓ۽ౣ ېஞ ۽ష ҳഅ ࢲഄ*, ട࠼** ѤҴҮ ࢤݺҗҗ*,
ࢲৈҮ ࠁࠁഐҗ**
Implementing a Fast, Memory–safe Axolotl Ratchet Protocol Jihyeok Seo*, Dabin
Hwang** Konkuk University*, Seoul Women’s University**
Motivation • 20150730, Yonhap, “NIS, Requested ‘Hacking Team’ Provide KakaoTalk
Wiretapping” • 20151006, Yonhap, “Kakao, Starts Producing Data For Wiretapping Warrants” • We need secure, end–to–end encrypted mobile communication methods
How? • Suitable protocols for the mobile environment • Secure
cryptographic primitives • Safe implementations
Ratcheting Protocol
Ratcheting • Sharing a secret is trivial (Diffie–Hellman) • How
do we reduce risk of a compromised shared secret key? • Constantly change the shared secret • Ratcheting Protocols (OTR, SCIMP, Axolotl, etc.)
OTR • https://otr.cypherpunks.ca • Diffie–Hellman key exchange on every message
• Assumptions: communicating parties are always online • In mobile environments, not always so
SCIMP • https://silentcircle.com/products-and-solutions/ technology/scimp/ • Hash–based iteration ratchet • Can
ratchet even when offline • Past keys can be used to derive future keys
Axolotl • https://github.com/trevp/axolotl/wiki • Trevor Perrin • State-of-the-art key ratcheting
protocol • OTR (DH ratchet) + SCIMP (hash ratchet) • Opportunistic
Cryptographic Primitives
Message Encryption: ChaCha20 • D. J. Bernstein. 2008. • http://cr.yp.to/papers.html#chacha
• Faster, more energy-efficient in mobile devices • Immune to timing, padding oracle attacks
Message Authentication: Poly1305 • D. J. Bernstein. 2005. • http://cr.yp.to/papers.html#poly1305
• Faster, more energy-efficient in mobile devices • Smaller MAC size compared to HMAC–SHA256
ChaCha20–Poly1305 • Accepted TLS cipher suite • Used for communication
between Android devices and Google services • Used for Cloudflare CDN network • Industry tested cipher suite
Comparison Signal Lumi Key Derivation HKDF (HMAC–SHA256) Key Exchange X25519
(Curve25519) Encryption AES–256 (CTR) ChaCha20 MAC HMAC–SHA256 Poly1305–AES
Safe Implementation
Rust • https://www.rust-lang.org • Guaranteed memory safety • Prevents security
vulnerabilities • Buffer overflows, dangling pointers, data race…
None
None
None
Conclusion • Memory–safe implementation of the state–of–the– art ratcheting protocol
• Better, faster, more secure cryptographic primitives • Proof of concept of an end–to–end encrypted messaging application
Future Work • Adopt post-quantum cryptography (Ring-LWE, SPHINCS, etc.) •
Reduce metadata leak (I2P, Tor, Router Federation, etc.) • Formal verification of Rust code (Coq, Isabelle, etc.)
Acknowledgements • KITRI Best of the Best • NAVER, Sanghyun
Cho, Heo Gyu
limeburst
.png){kind=avatar}
satai
hargon24
shimacos
kaminashi
yumulab
matsui_528
yuri_ohashi
hopin
akifumi_wachi
tam07pb915
fufufukakaka
hysmrk
aleyda
csswizardry
bcantrill
bryan
hatefulcrawdad
honzajavorek
mkilby
trallard
bkeepers
cassininazir
mraible
morganepeng
