{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T19:42:24Z","timestamp":1768074144013,"version":"3.49.0"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031070846","type":"print"},{"value":"9783031070853","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-07085-3_28","type":"book-chapter","created":{"date-parts":[[2022,5,28]],"date-time":"2022-05-28T10:23:23Z","timestamp":1653733403000},"page":"815-844","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["CoCoA: Concurrent Continuous Group Key Agreement"],"prefix":"10.1007","author":[{"given":"Jo\u00ebl","family":"Alwen","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7553-6606","authenticated-orcid":false,"given":"Benedikt","family":"Auerbach","sequence":"additional","affiliation":[]},{"given":"Miguel Cueto","family":"Noval","sequence":"additional","affiliation":[]},{"given":"Karen","family":"Klein","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8630-415X","authenticated-orcid":false,"given":"Guillermo","family":"Pascual-Perez","sequence":"additional","affiliation":[]},{"given":"Krzyzstof","family":"Pietrzak","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Walter","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,5,25]]},"reference":[{"key":"28_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1007\/978-3-030-90456-2_8","volume-title":"Theory of Cryptography","author":"J Alwen","year":"2021","unstructured":"Alwen, J., et al.: Grafting key trees: efficient key management for overlapping groups. In: Nissim, K., Waters, B. (eds.) TCC 2021. LNCS, vol. 13044, pp. 222\u2013253. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-90456-2_8"},{"key":"28_CR2","unstructured":"Alwen, J., et al.: Cocoa: Concurrent continuous group key agreement (2022). Cryptology ePrint Archive, Report 2022\/251, https:\/\/eprint.iacr.org\/2022\/251"},{"key":"28_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"248","DOI":"10.1007\/978-3-030-56784-2_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"J Alwen","year":"2020","unstructured":"Alwen, J., Coretti, S., Dodis, Y., Tselekounis, Y.: Security analysis and improvements for the IETF MLS standard for group messaging. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12170, pp. 248\u2013277. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56784-2_9"},{"key":"28_CR4","doi-asserted-by":"crossref","unstructured":"Alwen, J., Coretti, S., Dodis, Y., Tselekounis, Y.: Modular design of secure group messaging protocols and the security of MLS. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 1463\u20131483. ACM Press (2021)","DOI":"10.1145\/3460120.3484820"},{"key":"28_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1007\/978-3-030-64378-2_10","volume-title":"Theory of Cryptography","author":"J Alwen","year":"2020","unstructured":"Alwen, J., Coretti, S., Jost, D., Mularczyk, M.: Continuous group key agreement with active security. In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12551, pp. 261\u2013290. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64378-2_10"},{"key":"28_CR6","unstructured":"Alwen, J., Hartmann, D., Kiltz, E., Mularczyk, M.: Server-aided continuous group key agreement. Cryptology ePrint Archive, Report 2021\/1456, 2021. https:\/\/eprint.iacr.org\/2021\/1456"},{"key":"28_CR7","unstructured":"Alwen, J., Jost, D., Mularczyk, M.: On the insider security of MLS. Cryptology ePrint Archive, Report 2020\/1327 (2020). https:\/\/eprint.iacr.org\/2020\/1327"},{"key":"28_CR8","unstructured":"Barnes, R., Beurdouche, B., Millican, J., Omara, E., Cohn-Gordon, K., Robert, R.: The Messaging Layer Security (MLS) Protocol. Internet-Draft draft-ietf-mls-protocol-11, Internet Engineering Task Force (2020). Work in Progress"},{"key":"28_CR9","unstructured":"Bhargavan, K., Barnes, R., Rescorla, E.: TreeKEM: asynchronous decentralized key management for large dynamic groups (2018). https:\/\/mailarchive.ietf.org\/arch\/attach\/mls\/pdf1XUH6o.pdf"},{"key":"28_CR10","unstructured":"Bhargavan, K., Beurdouche, B., Naldurg, P.: Formal Models and Verified Protocols for Group Messaging: Attacks and Proofs for IETF MLS. Research report, Inria Paris (2019)"},{"key":"28_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1007\/978-3-030-64378-2_8","volume-title":"Theory of Cryptography","author":"A Bienstock","year":"2020","unstructured":"Bienstock, A., Dodis, Y., R\u00f6sler, P.: On the price of concurrency in group ratcheting protocols. In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12551, pp. 198\u2013228. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64378-2_8"},{"key":"28_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/3-540-46035-7_21","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"E Bresson","year":"2002","unstructured":"Bresson, E., Chevassut, O., Pointcheval, D.: Dynamic group diffie-hellman key exchange under standard assumptions. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 321\u2013336. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_21"},{"key":"28_CR13","unstructured":"Brzuska, C., Cornelissen, E., Kohbrok, K.: Cryptographic security of the mls rfc, draft 11. Cryptology ePrint Archive, Report 2021\/137 (2021). https:\/\/eprint.iacr.org\/2021\/137"},{"key":"28_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/BFb0053443","volume-title":"Advances in Cryptology \u2014 EUROCRYPT\u201994","author":"M Burmester","year":"1995","unstructured":"Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275\u2013286. Springer, Heidelberg (1995). https:\/\/doi.org\/10.1007\/BFb0053443"},{"key":"28_CR15","doi-asserted-by":"crossref","unstructured":"Canetti, R., Garay, J.A., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: a taxonomy and some efficient constructions. In: IEEE INFOCOM 1999, New York, NY, USA, 21\u201325 March 1999, pp. 708\u2013716 (1999)","DOI":"10.1109\/INFCOM.1999.751457"},{"key":"28_CR16","doi-asserted-by":"crossref","unstructured":"Cohn-Gordon, K., Cremers, C., Garratt, L., Millican, J., Milner, K.: On ends-to-ends encryption: asynchronous group messaging with strong security guarantees. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 1802\u20131819. ACM Press (2018)","DOI":"10.1145\/3243734.3243747"},{"key":"28_CR17","unstructured":"Cremers, C., Hale, B., Kohbrok, K.: The complexities of healing in secure group messaging: Why cross-group effects matter. In: Bailey, M., Greenstadt, R. (eds.) USENIX Security 2021, pp. 1847\u20131864. USENIX Association (2021)"},{"key":"28_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"587","DOI":"10.1007\/978-3-030-88428-4_29","volume-title":"Computer Security \u2013 ESORICS 2021","author":"J Devigne","year":"2021","unstructured":"Devigne, J., Duguey, C., Fouque, P.-A.: MLS group messaging: how zero-knowledge can secure updates. In: Bertino, E., Shulman, H., Waidner, M. (eds.) ESORICS 2021. LNCS, vol. 12973, pp. 587\u2013607. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-88428-4_29"},{"key":"28_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/11506157_9","volume-title":"Information Security and Privacy","author":"R Dutta","year":"2005","unstructured":"Dutta, R., Barua, R.: Dynamic group key agreement in\u00a0tree-based\u00a0setting. In: Boyd, C., Gonz\u00e1lez Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 101\u2013112. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11506157_9"},{"key":"28_CR20","unstructured":"Emura, K., Kajita, K., Nojima, R., Ogawa, K., Ohtake, G.: Membership privacy for asynchronous group messaging. Cryptology ePrint Archive, Report 2022\/046 (2022). https:\/\/eprint.iacr.org\/2022\/046"},{"key":"28_CR21","doi-asserted-by":"crossref","unstructured":"Hashimoto, K., Katsumata, S., Postlethwaite, E., Prest, T., Westerbaan, B.: A concrete treatment of efficient continuous group key agreement via multi-recipient PKEs. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 1441\u20131462. ACM Press (2021)","DOI":"10.1145\/3460120.3484817"},{"key":"28_CR22","unstructured":"Howell, C., Leavy, T., Alwen, J.: Wickr messaging protocol: technical paper (2019). https:\/\/1c9n2u3hx1x732fbvk1ype2x-wpengine.netdna-ssl.com\/wp-content\/uploads\/2019\/12\/WhitePaper_WickrMessagingProtocol.pdf"},{"issue":"5","key":"28_CR23","doi-asserted-by":"publisher","first-page":"714","DOI":"10.1109\/TIT.1982.1056542","volume":"28","author":"I Ingemarsson","year":"1982","unstructured":"Ingemarsson, I., Tang, D., Wong, C.: A conference key distribution system. IEEE Trans. Inf. Theory 28(5), 714\u2013720 (1982)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"28_CR24","doi-asserted-by":"crossref","unstructured":"Hashimoto, K.,\u00a0Katsumata, S.,\u00a0Postlethwaite, E.,\u00a0Prest, T.,\u00a0Westerbaan, B.: A concrete treatment of efficient continuous group key agreement via multi-recipient PKEs. In:\u00a0Vigna, G.,\u00a0Shi, E. (eds.) ACM CCS 2021, pp. 1441\u20131462. ACM Press (2021)","DOI":"10.1145\/3460120.3484817"},{"key":"28_CR25","doi-asserted-by":"crossref","unstructured":"Klein, K., et al.: Keep the dirt: tainted TreeKEM, adaptively and actively secure continuous group key agreement. In: 2021 IEEE Symposium on Security and Privacy, pp. 268\u2013284. IEEE Computer Society Press (2021)","DOI":"10.1109\/SP40001.2021.00035"},{"key":"28_CR26","unstructured":"Weidner, M.A.: Group Messaging for Secure Asynchronous Collaboration. Master\u2019s thesis, University of Cambridge (2019)"},{"key":"28_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-540-70936-7_2","volume-title":"Theory of Cryptography","author":"S Panjwani","year":"2007","unstructured":"Panjwani, S.: Tackling adaptive corruptions in multicast encryption protocols. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 21\u201340. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-70936-7_2"},{"key":"28_CR28","unstructured":"Perrin, T., Marlinspike, M.: The Double Ratchet Algorithm (2016). https:\/\/signal.org\/docs\/specifications\/doubleratchet\/"},{"key":"28_CR29","doi-asserted-by":"crossref","unstructured":"Wallner, D.M., Harder, E.J., Agee, R.C.: Key management for multicast: Issues and architectures. Internet Draft (1998). http:\/\/www.ietf.org\/ID.html","DOI":"10.17487\/rfc2627"},{"key":"28_CR30","doi-asserted-by":"crossref","unstructured":"Weidner, M., Kleppmann, M., Hugenroth, D., Beresford, A.R.: Key agreement for decentralized secure group messaging with strong security guarantees. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 2024\u20132045. ACM Press (2021)","DOI":"10.1145\/3460120.3484542"},{"key":"28_CR31","doi-asserted-by":"crossref","unstructured":"Wong, C.K., Gouda, M.G., Lam, S.S.: Secure group communications using key graphs. In: Proceedings of ACM SIGCOMM, Vancouver, BC, Canada, 31 August\u20134 September 1998, pp. 68\u201379 (1998)","DOI":"10.1145\/285243.285260"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-07085-3_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,27]],"date-time":"2025-05-27T22:04:12Z","timestamp":1748383452000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-07085-3_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031070846","9783031070853"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-07085-3_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"25 May 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Trondheim","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 May 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 June 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"41","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"372","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"85","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Peer review was double-blind with rebuttal.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}