What problem does this paper attempt to address?

### Problems the Paper Attempts to Solve This paper primarily proposes a new solution to the authentication issues in modern messaging applications. Specifically: 1. **Existing authentication ceremonies are not effective**: - The default authentication methods provided by current messaging applications (such as Signal and WhatsApp), like comparing safety numbers, are not reliable because users either are unwilling to perform these actions or cannot execute them correctly. - Studies show that even with user guidance, only about 75%-80% of users can successfully complete the authentication ceremony; without guidance, this proportion drops to 15%-25%. 2. **Traditional authentication methods have trust issues**: - Users need to highly trust the security of SMS and application servers, while attackers can perform man-in-the-middle (MITM) attacks by compromising SMS providers or key servers. - For example, after Twilio's SMS one-time password (OTP) provider was attacked, attackers could re-register users' phone numbers, thereby performing impersonation attacks. 3. **Need to improve security and privacy**: - Users need a more automated and easy-to-adopt authentication method to ensure the security of their messaging accounts, and this method should be able to verify the identity of chat partners. - At the same time, this method should protect users' privacy, preventing identity providers (IdPs) from obtaining users' communication information. To address the above issues, the authors propose a protocol called SOAP (Social Authentication Protocol). The main features of SOAP include: - **Automated social authentication**: Authentication through multiple identity providers (IdPs), significantly raising the bar for attackers. - **Security assurance**: Defines a new security property called "sender correspondence," ensuring that a message session can only be tampered with if all digital identities and application key servers are compromised. - **Privacy protection**: Processes safety numbers through hashing and salting to avoid leaking too much information to IdPs. - **Usability and compatibility**: Based on the existing OpenID Connect standard, making SOAP easy to implement and compatible with existing systems. In summary, this paper aims to provide a more secure, automated, and easy-to-adopt social authentication method through the SOAP protocol to enhance the security of messaging applications and protect user privacy.