![]() ![]() Protocols like PGP have been around for some time and offer "group messaging" by simply encrypting the content with a randomly generated symmetric key and then encrypting that key asymmetrically with the public keys of each of the recipients. Let me try to sum up what the landscape of end-to-end encrypted messaging protocols for group chat looks like: ![]() Tox has some extensive documentation but somehow I can't seem to find how encryption happens in a group chat.Īnother source even claims "you can't make groups with end-to-end" (though I am fairly sure they are mistaken).Īnd finally a bunch of other popular applications such as Mumble and XMPP cannot do end-to-end to begin with, or simply do not support group chats such as Telegram, Ricochet and ZRTP. Signal, WhatsApp and Allo use the Signal Protocol which violates requirement #2. I thought I read about something a few years ago where the group derived a common key and used that or something, but I cannot find anything like that. I've looked for existing protocols, but came up with zero results that meet these requirements. This scales reasonably enough, and there might not be a way around it without compromising security, so this is allowed and does not count as 'encrypting every message for everyone'. With potentially hundreds of members in a group, even encrypting an encryption key for each member is a considerable downside.Įvery new member may receive everyone's public key upon joining, and any group key(s) must be rotated when a member leaves. The Signal Protocol does this, turning group chats into many one-on-one chats, which is not a proper, scalable solution to the problem. It should not encrypt each message for each member individually. Just what you would expect: messages are only decipherable by the chat members and message tampering is detected. I am looking for existing protocols for a group chat with two things:Įnd to end encrypted. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |