Abstract
LINE is currently the most popular messaging service in Japan. Communications using LINE are protected by the original encryption scheme, called LINE Encryption, and specifications of the client-to-server transport encryption protocol and the client-to-client message end-to-end encryption protocol are published by the Technical Whitepaper. Though a spoofing attack (i.e., a malicious client makes another client misunderstand the identity of the peer) and a reply attack (i.e., a message in a session is sent again in another session by a man-in-the-middle adversary, and the receiver accepts these messages) to the end-to-end protocol have been shown, no formal security analysis of these protocols is known.
In this paper, we show a formal verification result of secrecy of application data and authenticity for protocols of LINE Encryption (Version 1.0) by using the automated security verification tool ProVerif. Especially, since it is claimed that the transport protocol satisfies forward secrecy (i.e., even if the static private key is leaked, security of application data is guaranteed), we verify forward secrecy for client’s data and for server’s data of the transport protocol, and we find an attack to break secrecy of client’s application data. Moreover, we find the spoofing attack and the reply attack, which are reported in previous papers.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
In [1], it is described as \(\mathbf{{MS}}_\mathrm{temp}\) = HKDF\(_\mathrm{ex}\)(\(\mathbf{{c}}_\mathrm{public}\)||\(\mathbf{{c}}_\mathrm{nonce}\), \(\mathbf{{share}}_\mathrm{temp}\)). However, it is a typo. The authors confirmed the typo to the LINE Security Team.
- 2.
In [1], it is described as to send \(\mathbf{{c}}_\mathrm{public}\). However, it is a typo. The authors confirmed the typo to the LINE Security Team.
References
LINE Encryption Overview (Ver. 1.0). https://scdn.line-apps.com/stf/linecorp/en/csr/line-encryption-whitepaper-ver1.0.pdf
LINE Encryption Status Report, 24 August 2018. https://linecorp.com/en/security/encryption_report
Espinoza, A.M., Tolley, W.J., Crandall, J.R., Crete-Nishihata, M., Hilts, A.: Alice and Bob, who the FOCI are they?: analysis of end-to-end encryption in the LINE messaging application. In: FOCI @ USENIX Security Symposium (2017)
Isobe, T., Minematsu, K.: Spoofing attack and forgery attack against LINE’s end-to-end encryption. In: SCIS 2018 (2018). (in Japanese)
Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 1.98. http://prosecco.gforge.inria.fr/personal/bblanche/proverif
McGrew, D., Viega, J.: The Galois/Counter Mode of Operation (GCM). Manuscript, May 2005. NIST website
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Shi, C., Yoneyama, K. (2018). Verification of LINE Encryption Version 1.0 Using ProVerif. In: Inomata, A., Yasuda, K. (eds) Advances in Information and Computer Security. IWSEC 2018. Lecture Notes in Computer Science(), vol 11049. Springer, Cham. https://doi.org/10.1007/978-3-319-97916-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-97916-8_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-97915-1
Online ISBN: 978-3-319-97916-8
eBook Packages: Computer ScienceComputer Science (R0)