by panda921 2380 days ago
I noticed this from the paper:

> Note that a user who has acquired a group’s GroupMasterKey and then leaves the group (or is deleted) retains the ability to collude with a malicious server to encrypt and decrypt group entries. We deem this risk acceptable for now due to the complexities in rapid and reliable rekey of the GroupMasterKey.

Does this mean that the server and a deleted user can always collude to get the deleted user readded to the group? Also, is there no provable audit trail of who added or deleted whom? Unless I'm misunderstanding, it seems like deleting a user is therefore enforced only via server trust, but please correct me if I'm wrong.

1 comments

Yes, this means the server and a deleted user could collude to re-add them, or anybody of the deleted user's choosing, to the group, or to remove selected people from the group (the server doesn't need collusion to remove random people from a group).

No, the members of the group would be able to see that the deleted user is back, or whatever else has happened to the list. Signal's server isn't responsible for deciding who gets the group messages, only for storing the agreed list in encrypted form. So members don't need to trust that the server did as it was told.

Certainly if you have a group where you suspect a member of colluding with the Signal server to betray the group you should probably NOT remove that member but instead take the extra trouble to explicitly form a new group (without that member obviously).

Got it. I was thinking that for bigger groups, it might be hard for members to keep track of who got deleted when and by whom, so it might be easier for a deleted user to slip back in without attracting notice.

Your point that the deleted user and the server can collude to add a rando to the group seems like a bigger deal, since it would be harder to catch.

To make the same point more critically, if the members need to constantly recheck the mapping of group name to membership list (to stop server cheating), then the scheme might not be buying much.
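Added example, not part of the thread and not Signal's code: a toy model of the quoted paper passage and of the roster checking discussed above. HMAC-SHA256 stands in for the authenticated encryption of group entries, and the key, member names and the `MembershipWatch` class are constructed for illustration.

```python
import hashlib
import hmac
import json
from typing import Optional

def seal(group_key: bytes, members: list) -> dict:
    """Authenticate a roster under the shared key (HMAC stands in for AEAD)."""
    body = json.dumps(sorted(members)).encode()
    return {"body": body,
            "tag": hmac.new(group_key, body, hashlib.sha256).hexdigest()}

def open_entry(group_key: bytes, entry: dict) -> Optional[list]:
    """Return the roster if the tag verifies under group_key, else None."""
    expect = hmac.new(group_key, entry["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expect, entry["tag"]):
        return None
    return json.loads(entry["body"])

class MembershipWatch:
    """Hypothetical client-side log that diffs each roster it accepts."""
    def __init__(self, initial):
        self.current, self.removed = set(initial), set()

    def review(self, roster) -> dict:
        new = set(roster)
        added, dropped = new - self.current, self.current - new
        report = {"readded": sorted(added & self.removed),
                  "new": sorted(added - self.removed),
                  "dropped": sorted(dropped)}
        self.removed = (self.removed | dropped) - new
        self.current = new
        return report

def demo():
    key = b"constructed-group-master-key"   # not rotated when a member leaves
    watch = MembershipWatch(["alice", "bob", "carol"])
    # carol is removed; remaining members accept the new roster
    r1 = watch.review(open_entry(key, seal(key, ["alice", "bob"])))
    # carol kept the key: an entry she seals still verifies for everyone
    forged = seal(key, ["alice", "bob", "carol", "mallory"])
    roster = open_entry(key, forged)
    r2 = watch.review(roster)
    # an entry sealed under any other key is rejected outright
    wrong = open_entry(key, seal(b"some-other-key", ["alice"]))
    return r1, roster is not None, r2, wrong

if __name__ == "__main__":
    print(demo())
```

In this model the tag check cannot tell a current member from a former one, so only the roster diff surfaces the change.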