Secure group chats in messengers are usually created in two ways: using pairwise channels with continuous key agreement according to the Double Ratchet scheme or using special cryptographic protocols, for example, based on a tree-like scheme for group keys generating. In the first case, each pair of users generates a common key, and the group is formed by the system tools. In the second case, all users of the group collectively generate an iteratively updated shared secret. Both methods have their advantages and disadvantages. If the first method is characterized by high overhead costs for storing and transferring key information, then in the second case, it is not possible to achieve such important security properties for instant messengers as post-compromise security and forward secrecy. However, the post-quantum resistance of these protocols remains unexplored. The article analyzes the existing group chat protocols for classical and post-quantum security. This work identifies the cryptographic primitives and protocol organization methods leading to decreasing cryptographic resistance to attacks using a quantum computer. The article proposes protocols resistant to adversary attacks with a quantum computer and discusses the possibilities of their application. The adversary model and the attack model are expanded and formally described considering attacks using a quantum computer. The main results of the work are secure group messaging protocols secure against attacks using a quantum computer, based on modifications of the tree-like schemes of continuous key agreement. The paper provides the specifications of the developed protocols. Possible technical difficulties in the implementation of post-quantum-resistant group messengers are identified, and directions for further research are outlined.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Price excludes VAT (USA)
Tax calculation will be finalised during checkout.
WhatsApp. WhatsApp Encryption Overview. Technical report [Online] (2021). Available at: https://scontent.whatsapp.net. Accessed at 28 Dec 2021
Perrin, T., Marlinspike, M.: The Double Ratchet Algorithm. Available from: https://signal.org/docs/s
Alwen, J., Coretti, S., Dodis, Y., Tselekounis, Y.: Security Analysis and Improvements for the IETF MLS Standard for Group Messaging (2020). https://doi.org/10.1007/978-3-030-56784-2_9
Cohn-Gordon, K., Cremers, C., Garratt, L, Millican, J., Milner, K.: On ends-to-ends encryption: asynchronous group messaging with strong security guarantees. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS '18). Association for Computing Machinery, New York, NY, USA, 1802–1819 (2018). https://doi.org/10.1145/3243734.3243747
Cohn-Gordon, K., Cremers, C., Garratt, L: On post-compromise security. In: Computer Security Foundations Symposium (CSF), 2016 IEEE 29th. IEEE, pp. 164–178 (2016)
Bhargavan, K., Barnes, R., Rescorla, E: TreeKEM: Asynchronous Decentralized Key Management for Large Dynamic Groups A protocol proposal for Messaging Layer Security (MLS) [Research Report] Inria Paris (2018)
Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In Yang, B., editor, PQCrypto 2011, volume 7071 of LNCS, pp. 19–34. Springer (2011). https://doi.org/10.1007/978-3-642-25405-5_2
Xu, X., Xue, H., Wang, K., Au, M.H., Tian, S.: Strongly secure authenticated key exchange from supersingular isogenies. In: Galbraith S., Moriai S. (eds) Advances in Cryptology—ASIACRYPT 2019. ASIACRYPT 2019. Lecture Notes in Computer Science, vol 11921. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34578-5_11
Edward Eaton, E., Jao, D., Komlo, C., Mokrani, Y.: Towards Post-Quantum Updatable Public-Key Encryption via Supersingular Isogenies [Online]. Available at: https://eprint.iacr.org/2019/535.pdf (Accessed at 28.12.2021)
This work was supported by the Ministry of Science and Higher Education of the Russian Federation (state assignment project No. 0723-2020-0036).
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Bobrysheva, J., Zapechnikov, S. Post-quantum security of messengers: secure group chats and continuous key distribution protocols. J Comput Virol Hack Tech 19, 373–380 (2023). https://doi.org/10.1007/s11416-022-00446-x