Secure messaging (SM) protocols allow users to communicate securely over an untrusted infrastructure. At CRYPTO 2020, Alwen et al. formally defined the key agreement protocol used in secure group messaging (SGM) as continuous group key agreement (CGKA). In their CGKA protocol, all group members have the same rights to execute algorithms, and a trusted third party is needed. Some applications, however, such as a broadcasting service, may have an administrator in the group. When the administrator, acting as the group manager (GM), is distinguished from the other group members, i.e., in a one-to-many setting, it would be better for the GM and the other group members to have different authorities. We propose a new CGKA protocol, called CGKA with flexible authorization (CGKA-FA), by incorporating a ratcheting digital signature scheme (Cremers et al. at USENIX Security 2021) into the existing CGKA protocol, and demonstrate that such a simple modification allows us to provide flexible authorization. Our proposed protocol does not need an external public key infrastructure (PKI) functionality as a trusted third party. As a result, no third party outside the group handles users' confidential information, and thus no one except group members can read messages, regardless of key updates. In our CGKA-FA protocol, the privileges of users in a group can be set flexibly, which is highly compatible with the field of broadcasting.
Kajita et al. (Thu,) studied this question.