Keychat's avatar
Keychat 1 year ago
1/n Group chats with end-to-end encryption can be designed in many ways, each tailored for a specific number of participants and level of security. If we regard the security of one-on-one chats in Keychat as perfect, scoring 100, and the security of large group chats without end-to-end encryption as nonexistent, scoring 0, we can map out where the five identified end-to-end encryption group chat models fall in terms of group size and security on a diagram as shown below: image

Replies (11)

VictorieeMan's avatar
VictorieeMan VictorieeMan@victoriee.com 1 year ago
I think its also important to note the human aspect of it all. The saying: "You can only keep a secret between two people, and even the one is safer." Is true even here. So the larger the group the easier it is to sneak in as a third party eavesdropper. Even with best security encryption the screenshot leakage will increase per person in the group as well.
2 replies ↓
Keychat's avatar
Keychat 1 year ago
Right. Encryption protocols can only ensure security from a technical perspective; they fundamentally cannot address the issue of malicious actors within the group.
1 replies ↓
Keychat's avatar
Keychat 1 year ago
However, we need to consider that in large group chats, such as those with 1000 participants, updating the key tree results in 10 updates per message. Therefore, achieving the same frequency of updates as in one-on-one or small group chats is quite challenging.
VictorieeMan's avatar
VictorieeMan VictorieeMan@victoriee.com 1 year ago
After a critical size the chance of a malicious actor in the group becomes the weakpoint rather than the cryptography. This MLS is very cool however and will be very nice to see implemented. It will be the strong point.
furio's avatar
furio furio@pailakapo.com 1 year ago
Threads on here leave a little to be desired. This is awesome content. You should have instructional lessons on your website with this information, then just post each page as a note. It’s easier to navigate, imo.
1 replies ↓
Pip the WoT guy's avatar
Pip the WoT guy pip@vertexlab.io 1 year ago
shout out to @Keychat for their top notch content. (even though the scores can be debated)
Keychat's avatar Keychat
1/n Group chats with end-to-end encryption can be designed in many ways, each tailored for a specific number of participants and level of security. If we regard the security of one-on-one chats in Keychat as perfect, scoring 100, and the security of large group chats without end-to-end encryption as nonexistent, scoring 0, we can map out where the five identified end-to-end encryption group chat models fall in terms of group size and security on a diagram as shown below: image
View quoted note →
1 replies ↓
igisky's avatar
igisky 1 year ago
#optionplus
Keychat's avatar Keychat
1/n Group chats with end-to-end encryption can be designed in many ways, each tailored for a specific number of participants and level of security. If we regard the security of one-on-one chats in Keychat as perfect, scoring 100, and the security of large group chats without end-to-end encryption as nonexistent, scoring 0, we can map out where the five identified end-to-end encryption group chat models fall in terms of group size and security on a diagram as shown below: image
View quoted note →
calle's avatar
calle calle@cashu.me 9 months ago
tbh I agree with the plot. Not because of cryptography but the security level of any larger group will be lower than a small group ... because numbers.
Garbage nsec's avatar
Garbage nsec garbagensec@NostrAddress.com 9 months ago
That's true, but pretty hard to factor human behaviour in to any kind of model. For example a large group on an incredibly boring topic will be less prone to social engineering than a small group on a scandalous topic.