Secret handshake protocols

Sorniotti, Alessandro

Parties cooperating in hostile networked environments often need to establish an initial trust. Trust establishment can be very delicate when it involves the exchange of sensitive information, such as affiliation to a secret society or to an intelligence agency. The mechanism of Secret Handshakes tackles this problem, providing a solution for secure initial exchange between mistrusting principals. A Secret Handshake is a protocol that allows two users to mutually verify one another's properties, and in case of simultaneous matching, to share a key used to secure subsequent communications. The protocol assures that an outsider, or an illegitimate group member, does not learn anything by interacting with a legitimate user or by eavesdropping on protocol exchanges. In this thesis, we present several novel protocols, aimed at providing new features or at fixing shortcomings of existing protocols in the literature. At first, we focus on a new concept of Secret Handshake, called Dynamic Controlled Matching, generalizing other Secret Handshake variants. We then address the challenging task of revocation in Secret Handshakes, presenting an approach through which we can achieve revocation for each of the different variants of Secret Handshakes known in the literature. Furthermore, we study two decentralized Secret Handshake protocols, one where a number of separate mistrusting entities can federate to create a Secret Handshake scheme and another one where the scheme is self-managed by its users. Finally we investigate two use-cases for Secret Handshake protocols, the first involving online social networks and the second addressing supply chain management

Sécurité numérique
Eurecom Ref:
© TELECOM ParisTech. Personal use of this material is permitted. The definitive version of this paper was published in Thesis and is available at :