Security Analysis and Recommendations for CONIKS as a PKI Solution for Mobile Apps

George Bradley Spendlove, Brigham Young University


Secure mobile apps, including end-to-end encrypted messaging apps such as Whats-App and Signal, are increasingly popular today. These apps require trust in a centralized key directory to automatically exchange the public keys used to secure user communication. This trust may be abused by malicious, subpoenaed, or compromised directories. A public key infrastructure (PKI) solution that requires less trust would increase the security of these commonly used apps.CONIKS is a recent PKI proposal that features transparent key directories which publish auditable digests of the public keys they present to queriers. By monitoring its key every time a new digest is published, a client can verify that its key is published correctly, reducing the need to trust the directory. CONIKS features improved security at the cost of unique auditing and monitoring requirements. In this thesis, we examine CONIKS' suitability as a PKI solution for secure mobile apps. We present a threat analysis of possible attacks on the CONIKS protocol and explore several important implications of CONIKS' system description, including recommendations for whistleblowing and key change policies. We also analyze mobile device usage data to estimate whether typical mobile device Internet connectivity is sufficient to fulfill CONIKS' monitoring requirement.