A Survey to Guide Group Key Protocol Development

A large number of papers have proposed cryptographic protocols for establishing secure group communication. These protocols allow a set of group members to exchange or establish keys to encrypt and authenticate messages within the group. At the same time, individuals outside of the group cannot eavesdrop on group communication or inject messages. There have even been usability studies, demonstrating an average user can successfully complete some of these protocols. However, group protocols are rarely used in the real world. In this work, we conduct a survey to help uncover why the general population ignores such mechanisms for group communication. We also try to determine what protocols would best match respondents´ current expectations for group protocols and methods for establishing trust. Survey results indicate that a group protocol that leverages location-limited channels, PKI, or Web-of-Trust authenticated public keys and allows addition and deletion of members fulfills the majority of users´ expectations.