Paper 2023/1761
Guardianship in Group Key Exchange for Limited Environments
Abstract
Post-compromise security (PCS) has been a core goal of end-to-end encrypted messaging applications for many years, both in one-to-one continuous key agreement (CKA) and for groups (CGKA). At its essence, PCS relies on a compromised party to perform a key update in order to `self-heal'. However, due to bandwidth constraints, receive-only mode, and various other environmental demands of the growing number of use cases for such CGKA protocols, a group member may not be able to issue such updates. In this work, we address the issue of devices functioning in limited mode through the introduction of guardianship, where a designated guardian can perform key updates on the behalf of its paired edge device. We introduce a Guardianship PCS (GPCS) security, and provide an associated security experiment. We investigate various architectural designs in the pursuit of GPCS, provide constructions and security analyses, and describe trade-offs.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- CKACGKAMLSPCSFSGPCSGuardianshipGCGKALimitedConstrained
- Contact author(s)
-
Elsie Fondevik @ kongsberg com
britta hale @ nps edu
xisen tian1 @ nps edu - History
- 2024-12-19: last of 2 revisions
- 2023-11-14: received
- See all versions
- Short URL
- https://ia.cr/2023/1761
- License
-
CC0
BibTeX
@misc{cryptoeprint:2023/1761, author = {Elsie Mestl Fondevik and Britta Hale and Xisen Tian}, title = {Guardianship in Group Key Exchange for Limited Environments}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1761}, year = {2023}, url = {https://eprint.iacr.org/2023/1761} }