{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,26]],"date-time":"2025-11-26T01:06:32Z","timestamp":1764119192119,"version":"3.46.0"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031486203"},{"type":"electronic","value":"9783031486210"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-48621-0_10","type":"book-chapter","created":{"date-parts":[[2023,11,26]],"date-time":"2023-11-26T18:02:21Z","timestamp":1701021741000},"page":"271-300","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["On the\u00a0Cost of\u00a0Post-compromise Security in\u00a0Concurrent Continuous Group-Key Agreement"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7553-6606","authenticated-orcid":false,"given":"Benedikt","family":"Auerbach","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2505-4246","authenticated-orcid":false,"given":"Miguel","family":"Cueto Noval","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8630-415X","authenticated-orcid":false,"given":"Guillermo","family":"Pascual-Perez","sequence":"additional","affiliation":[]},{"given":"Krzysztof","family":"Pietrzak","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,11,27]]},"reference":[{"key":"10_CR1","doi-asserted-by":"publisher","unstructured":"Alwen, J., et al.: Grafting key trees: efficient key management for overlapping groups. In: Nissim, K., Waters, B. (eds.) TCC 2021, Part III. LNCS, vol. 13044, pp. 222\u2013253. Springer, Heidelberg (2021). https:\/\/doi.org\/10.1007\/978-3-030-90456-2_8","DOI":"10.1007\/978-3-030-90456-2_8"},{"key":"10_CR2","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"815","DOI":"10.1007\/978-3-031-07085-3_28","volume-title":"EUROCRYPT 2022, Part II","author":"J Alwen","year":"2022","unstructured":"Alwen, J., et al.: CoCoA: concurrent continuous group key agreement. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part II. LNCS, vol. 13276, pp. 815\u2013844. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-07085-3_28"},{"key":"10_CR3","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"248","DOI":"10.1007\/978-3-030-56784-2_9","volume-title":"CRYPTO 2020, Part I","author":"J Alwen","year":"2020","unstructured":"Alwen, J., Coretti, S., Dodis, Y., Tselekounis, Y.: Security analysis and improvements for the IETF MLS standard for group messaging. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part I. LNCS, vol. 12170, pp. 248\u2013277. Springer, Heidelberg (2020). https:\/\/doi.org\/10.1007\/978-3-030-56784-2_9"},{"key":"10_CR4","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1007\/978-3-030-64378-2_10","volume-title":"TCC 2020, Part II","author":"J Alwen","year":"2020","unstructured":"Alwen, J., Coretti, S., Jost, D., Mularczyk, M.: Continuous group key agreement with active security. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part II. LNCS, vol. 12551, pp. 261\u2013290. Springer, Heidelberg (2020). https:\/\/doi.org\/10.1007\/978-3-030-64378-2_10"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Alwen, J., Hartmann, D., Kiltz, E., Mularczyk, M.: Server-aided continuous group key agreement. In: Yin, H., Stavrou, A., Cremers, C., Shi, E. (eds.) ACM CCS 2022, pp. 69\u201382. ACM Press, November 2022","DOI":"10.1145\/3548606.3560632"},{"key":"10_CR6","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-031-15979-4_2","volume-title":"CRYPTO 2022, Part II","author":"J Alwen","year":"2022","unstructured":"Alwen, J., Jost, D., Mularczyk, M.: On the insider security of MLS. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part II. LNCS, vol. 13508, pp. 34\u201368. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-15979-4_2"},{"key":"10_CR7","unstructured":"Alwen, J., Auerbach, B., Noval, M.C., Klein, K., Pascual-Perez, G., Pietrzak, K.: DeCAF: decentralizable continuous group key agreement with fast healing. Cryptology ePrint Archive, Paper 2022\/559 (2022). https:\/\/eprint.iacr.org\/2022\/559"},{"key":"10_CR8","unstructured":"Auerbach, B., Noval, M.C., Pascual-Perez, G., Pietrzak, K.: On the cost of post-compromise security in concurrent continuous group-key agreement. Cryptology ePrint Archive, Paper 2023\/1123 (2023). https:\/\/eprint.iacr.org\/2023\/1123"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Barnes, R., Beurdouche, B., Robert, R., Millican, J., Omara, E., Cohn-Gordon, K.: The Messaging Layer Security (MLS) Protocol. RFC 9420, July 2023. https:\/\/www.rfc-editor.org\/info\/rfc9420","DOI":"10.17487\/RFC9420"},{"key":"10_CR10","unstructured":"Bhargavan, K., Barnes, R., Rescorla, E.: TreeKEM: Asynchronous Decentralized Key Management for Large Dynamic Groups, May 2018. https:\/\/mailarchive.ietf.org\/arch\/attach\/mls\/pdf1XUH6o.pdf"},{"key":"10_CR11","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/978-3-031-22365-5_8","volume-title":"TCC 2022, Part II","author":"A Bienstock","year":"2022","unstructured":"Bienstock, A., Dodis, Y., Garg, S., Grogan, G., Hajiabadi, M., R\u00f6sler, P.: On the worst-case inefficiency of CGKA. In: Kiltz, E., Vaikuntanathan, V. (eds.) TCC 2022, Part II. LNCS, vol. 13748, pp. 213\u2013243. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-22365-5_8"},{"key":"10_CR12","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1007\/978-3-030-64378-2_8","volume-title":"TCC 2020, Part II","author":"A Bienstock","year":"2020","unstructured":"Bienstock, A., Dodis, Y., R\u00f6sler, P.: On the price of concurrency in group ratcheting protocols. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part II. LNCS, vol. 12551, pp. 198\u2013228. Springer, Heidelberg (2020). https:\/\/doi.org\/10.1007\/978-3-030-64378-2_8"},{"key":"10_CR13","unstructured":"Brzuska, C., Cornelissen, E., Kohbrok, K.: Cryptographic security of the MLS RFC, draft 11. Cryptology ePrint Archive, Report 2021\/137 (2021). https:\/\/eprint.iacr.org\/2021\/137"},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"Canetti, R., Garay, J.A., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: a taxonomy and some efficient constructions. In: IEEE INFOCOM 1999, pp. 708\u2013716, New York, NY, USA, 21\u201325 March 1999","DOI":"10.1109\/INFCOM.1999.751457"},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"Cohn-Gordon, K., Cremers, C., Garratt, L., Millican, J., Milner, K.: On ends-to-ends encryption: asynchronous group messaging with strong security guarantees. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 1802\u20131819. ACM Press, October 2018","DOI":"10.1145\/3243734.3243747"},{"key":"10_CR16","unstructured":"Cremers, C., Hale, B., Kohbrok, K.: The complexities of healing in secure group messaging: Why cross-group effects matter. In: Bailey, M., Greenstadt, R. (eds.) USENIX Security 2021, pp. 1847\u20131864. USENIX Association, August 2021"},{"key":"10_CR17","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"587","DOI":"10.1007\/978-3-030-88428-4_29","volume-title":"ESORICS 2021, Part II","author":"J Devigne","year":"2021","unstructured":"Devigne, J., Duguey, C., Fouque, P.A.: MLS group messaging: how zero-knowledge can secure updates. In: Bertino, E., Shulman, H., Waidner, M. (eds.) ESORICS 2021, Part II. LNCS, vol. 12973, pp. 587\u2013607. Springer, Heidelberg (2021). https:\/\/doi.org\/10.1007\/978-3-030-88428-4_29"},{"issue":"2","key":"10_CR18","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D Dolev","year":"1983","unstructured":"Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198\u2013208 (1983)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Hashimoto, K., Katsumata, S., Postlethwaite, E., Prest, T., Westerbaan, B.: A concrete treatment of efficient continuous group key agreement via multi-recipient PKEs. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 1441\u20131462. ACM Press, November 2021","DOI":"10.1145\/3460120.3484817"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"Hashimoto, K., Katsumata, S., Prest, T.: How to hide MetaData in MLS-like secure group messaging: simple, modular, and post-quantum. In: Yin, H., Stavrou, A., Cremers, C., Shi, E. (eds.) ACM CCS 2022, pp. 1399\u20131412. ACM Press, November 2022","DOI":"10.1145\/3548606.3560679"},{"key":"10_CR21","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"180","DOI":"10.1007\/978-3-030-36033-7_7","volume-title":"TCC 2019, Part II","author":"D Jost","year":"2019","unstructured":"Jost, D., Maurer, U., Mularczyk, M.: A unified and composable take on ratcheting. In: Hofheinz, D., Rosen, A. (eds.) TCC 2019, Part II. LNCS, vol. 11892, pp. 180\u2013210. Springer, Heidelberg (2019). https:\/\/doi.org\/10.1007\/978-3-030-36033-7_7"},{"key":"10_CR22","doi-asserted-by":"crossref","unstructured":"Klein, K., et al.: Keep the dirt: tainted TreeKEM, adaptively and actively secure continuous group key agreement. In: 2021 IEEE Symposium on Security and Privacy, pp. 268\u2013284. IEEE Computer Society Press, May 2021","DOI":"10.1109\/SP40001.2021.00035"},{"key":"10_CR23","unstructured":"Weidner, M.A.: Group messaging for secure asynchronous collaboration. Master\u2019s thesis, University of Cambridge, June 2019"},{"key":"10_CR24","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/978-3-540-24676-3_10","volume-title":"EUROCRYPT 2004","author":"D Micciancio","year":"2004","unstructured":"Micciancio, D., Panjwani, S.: Optimal communication complexity of generic multicast key distribution. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 153\u2013170. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_10"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Wallner, D., Harder, E., Agee, R.: Key management for multicast: issues and architectures. Request for Comments: 2627, Internet Engineering Task Force (1999)","DOI":"10.17487\/rfc2627"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Weidner, M., Kleppmann, M., Hugenroth, D., Beresford, A.R.: Key agreement for decentralized secure group messaging with strong security guarantees. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 2024\u20132045. ACM Press, November 2021","DOI":"10.1145\/3460120.3484542"}],"container-title":["Lecture Notes in Computer Science","Theory of Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-48621-0_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,26]],"date-time":"2025-11-26T01:03:12Z","timestamp":1764118992000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-48621-0_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031486203","9783031486210"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-48621-0_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"27 November 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"TCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Theory of Cryptography Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 November 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"tcc2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/tcc.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}