" ephemeral signing key pair along with K. ... hash-ratcheting K and including a signature in the transmitted ciphertext."
Can someone knowledgable comment about the crypto protocol here and how this provides guarantees that ensure the server can't reverse the messages for multicast (am happy to read academic papers here too)?
Can someone knowledgable comment about the crypto protocol here and how this provides guarantees that ensure the server can't reverse the messages for multicast (am happy to read academic papers here too)?