From Surf Wiki (app.surf) — the open knowledge base
Sender Keys
In cryptography, Sender Keys is a variant of the Signal Protocol used in end-to-end encryption used in instant messaging. Sender Keys is used for group chats. Applications using it have included Signal, Matrix, WhatsApp, Session, and Facebook Messenger.
In cryptography, Sender Keys is a variant of the Signal Protocol used in end-to-end encryption used in instant messaging. Sender Keys is used for group chats. Applications using it have included Signal, Matrix, WhatsApp, Session, and Facebook Messenger.
In order to scale to large groups, the protocol takes advantage of server-side fan-out and avoids computing a shared group key. The algorithm relies upon secure pairwise communication channels between peers that provide confidentiality and authentication. For example, an Authenticated Key Exchange algorithm such as Extended Triple Diffie-Hellman (X3DH) may be combined with the Double Ratchet Algorithm to construct such a channel in practice, as is the case with WhatsApp.
The protocol was described in a whitepaper from WhatsApp, and it is also related to the Messaging Layer Security standard.
| External videos |
|---|
| What's Up With Group Messaging? - Computerphile on YouTube, January 29, 2019 (video length: 10:49) |
In Sender Keys, users within a group are assumed to maintain secure pairwise communication channels with each other user. Each user constructs a session that consists of a symmetric key and an asymmetric signing key pair; each user sends their session's symmetric key and the signing key pair's public key to each other user through the respective pairwise secure channels.
To send a message, a user "ratchets" their symmetric key forward by applying a cryptographic hash function, encrypts their message with the newly hashed symmetric key, and constructs a digital signature protecting the encrypted message with the private signing key. The sender forwards the encrypted message to the server, who then fans it out to all receivers. Each receiver checks the signature with public signing key, hashes their symmetric key to match the sender, and decrypts the message.
Users regenerate and re-transmit sessions periodically, or whenever a user leaves or joins the group.
Security properties of Sender Keys include message confidentiality, message integrity, message authentication, forward secrecy, post-compromise security, scalability, and asynchronicity.
- Comparison of instant messaging protocols
- Messaging Layer Security
- Signal Protocol
Ask Mako anything about Sender Keys — get instant answers, deeper analysis, and related topics.
Research with MakoFree with your Surf account
Create a free account to save articles, ask Mako questions, and organize your research.
Sign up freeThis content may have been generated or modified by AI. CloudSurf Software LLC is not responsible for the accuracy, completeness, or reliability of AI-generated content. Always verify important information from primary sources.
Report