Attribute-Based Authentication in Secure Group Messaging for Distributed Environments and Safer Online Spaces

David Soler (1); Carlos Dafonte (1); Manuel Fern\'andez-Veiga (2); Ana Fern\'andez Vilas (2); Francisco J. N\'ovoa (1) ((1) CITIC; Universidade da Coru\v{n}a; A Coru\v{n}a; Spain; (2) atlanTTic; Universidade de Vigo; Vigo; Spain)

arXiv:2405.12042·cs.CR·April 23, 2026

Attribute-Based Authentication in Secure Group Messaging for Distributed Environments and Safer Online Spaces

David Soler (1), Carlos Dafonte (1), Manuel Fern\'andez-Veiga (2), Ana Fern\'andez Vilas (2), Francisco J. N\'ovoa (1) ((1) CITIC, Universidade da Coru\v{n}a, A Coru\v{n}a, Spain, (2) atlanTTic, Universidade de Vigo, Vigo, Spain)

PDF

TL;DR

This paper introduces an attribute-based authentication method for secure group messaging that enhances privacy and security, using attribute credentials instead of digital certificates, with formal security proofs and efficient implementation.

Contribution

It proposes a novel attribute-authenticated CGKA scheme, AA-CGKA, with formal security proofs and practical performance comparable to certificate-based solutions.

Findings

01

AA-CGKA achieves requirement integrity, unforgeability, and unlinkability.

02

The implementation demonstrates performance similar to traditional certificate-based methods.

03

The scheme enhances privacy by avoiding digital certificates and linking attacks.

Abstract

The Messaging Layer security (MLS) and its underlying Continuous Group Key Agreement (CGKA) protocol allows a group of users to share a cryptographic secret in a dynamic manner, such that the secret is modified in member insertions and deletions. Although this flexibility makes MLS ideal for implementations in distributed environments, a number of issues need to be overcome. Particularly, the use of digital certificates for authentication in a group goes against the group members' privacy. In this work we provide an alternative method of authentication in which the solicitors, instead of revealing their identity, only need to prove possession of certain attributes, dynamically defined by the group, to become a member. Instead of digital certificates, we employ Attribute-Based Credentials accompanied with Selective Disclosure in order to reveal the minimum required amount of information…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.