Post-Quantum Ciphertext Compression and Applications to Secure Group Messaging

A standard method to establish secure communication between two or more parties is to encrypt a common session key via a key encapsulation mechanism (KEM). In this document, we propose compression techniques that, when the number of parties is large (10 or more), reduce the cost of this approach by an order of magnitude when used with post-quantum KEMs.

This has several potential applications to secure group messaging (e.g. Signal, WhatsApp). In particular, we show that it can be used inside the draft IETF standard MLS to reduce its bandwidth footprint by about a factor of 2.

The companion article to this white paper is available at
