@

초록

A key factor of the MLS group protocol is that it provides asynchronously efficient group key establishment with forward secrecy and post-compromise security for many groups in a standardized way. End-to-end encryption (E2EE) is essential to fulfilling the correctness of security in a messenger application. The correctness heavily depends on the trustworthiness of a middleman server in the center where a curious administrator may break E2EE. If this happened the administrator as a nonmember could read messages and impersonate a member by intervening with group-key management. This paper presents an in-depth explanation of the MLS protocol and demonstrates a proof-of-concept of curious administrator's misbehaviors by analyzing the protocol. Our research outputs suggest that unconditionally trustworthy relationships on the central server in designing network protocols for security needs to prepare for any incidents caused by misbehaving administrator of the central server. © 2025 IEEE.

키워드