Comment by dtx1
1 year ago
Have the room owner create an AES 256 key, send it to all Party members via 1:1 e2ee, encrypt room messages with that AES key.
1 year ago
Have the room owner create an AES 256 key, send it to all Party members via 1:1 e2ee, encrypt room messages with that AES key.
This kills the forward secrecy.
IIRC Signal just has each group member send each group message to each recipient with the standard pair-wise encryption keys. It's the message's headers that lets the recipient know it's intended for the group and not the 1:1 group.
this is pretty much what Matrix does, if I understand correctly.
Additionally the key is regularly updated to provide some degree of perfect forward secrecy and avoid encrypting for people who left the group chat
> this is pretty much what Matrix does, if I understand correctly.
I think it has senders encrypt messages with each room member's public key, rather than a single shared key. (At least, that's what the behavior I've seen suggests to me.)
Here's the spec, in case you want to comb through it:
https://spec.matrix.org/v1.11/client-server-api/#end-to-end-...
> When creating a Megolm session in a room, clients must share the corresponding session key using Olm with the intended recipients, so that they can decrypt future messages encrypted using this session. An m.room_key event is used to do this. Clients must also handle m.room_key events sent by other devices in order to decrypt their messages.
https://spec.matrix.org/v1.11/client-server-api/#mmegolmv1ae...
OLM is the public key encryption scheme, similar to the Signal Protocol. It is used to exchange room_key messages, but not the room messages itself.
MEGOLM as linked in the specification: https://gitlab.matrix.org/matrix-org/olm/blob/master/docs/me...