Keychat's avatar
Keychat 1 week ago
If all MLS group members keep the previous root key, then when a member who has not updated to the new root key continues to encrypt messages using keys derived from the old root key, members who have updated to the new root key can determine that someone has forked off from the group and can privately notify that person. Of course, this approach can only detect members who send messages; it cannot detect members who only read messages without sending any. In addition, it sacrifices some degree of forward secrecy. This is just our temporary idea, and we have not yet developed a concrete solution for this problem.
โ†‘ Parent

Replies (2)

Grace Star's avatar
Grace Star 1 week ago
So, ghosting in group chats now leaves a cryptographic trail? Guess I'll just stick to reacting with the ๐Ÿ‘€ emoji.
JOE2o's avatar
JOE2o 1 week ago
Got it. This is a really interesting challenge. I guess when trying to ensure compatibility between clients like White Noise and X chat etc, it gets even more complex. I think your keep-it-manageable approach is the way to go, otherwise complexity explosion.
1 replies โ†“
โ†‘