Detecting presence Of Malicious Hub in MIMI Protocol for Cross-Platform Messaging Interoperability
| dc.contributor.author | Sarvaiya, Harditya Ketan | en |
| dc.contributor.committeechair | Burger, Eric William | en |
| dc.contributor.committeemember | Meng, Na | en |
| dc.contributor.committeemember | Cameron, Melissa | en |
| dc.contributor.department | Computer Science and#38; Applications | en |
| dc.date.accessioned | 2025-07-30T08:00:21Z | en |
| dc.date.available | 2025-07-30T08:00:21Z | en |
| dc.date.issued | 2025-07-29 | en |
| dc.description.abstract | The More Instant Messaging Interoperability (MIMI) protocol enables interoperable group messaging across otherwise isolated services such as WhatsApp, Signal, and Telegram. It routes every Messaging Layer Security (MLS) ciphertext through a central hub that timestamps the message and broadcasts it to all group participants. If the hub is compromised, it can silently drop, delay, or reorder messages, undermining order integrity while leaving end-to-end encryption intact. We introduce a lightweight, Merkle-tree-based audit layer that allows clients to detect such misbehavior. Each client stores every received message together with its hub-assigned timestamp in an ordered list. Clients periodically generate a Merkle proof from this list and broadcast it by embedding the proof in an encrypted application message. Because the hub cannot predict which messages carry proofs, it cannot selectively discard them. Upon receiving a proof, other clients verify it and broadcast their own proofs. Any inconsistency is then propagated to the entire room, creating a non-repudiable record of hub misconduct. A Rust prototype built on OpenMLS was evaluated on a 100-node emulated network. With a client sampling rate of 5%, and a hub attack probability of 10%, the scheme detected 95% of message-drop or reordering attacks within the first 40 messages, consumed only 3 kB of additional memory per client, and required less than 1 ms of client-side processing per proof. The audit's memory requirement grows linearly with room size and requires no changes to the hub protocol, providing a practical, low-overhead path to verifiable message-order integrity in large interoperable messaging systems. | en |
| dc.description.abstractgeneral | Today's messaging apps like WhatsApp, Signal, and Telegram don't talk to each other, forcing users to stick to a single platform. The new MIMI protocol, developed by the IETF, is changing that by enabling secure group chats across these different services. But there's a catch: MIMI relies on a central hub to forward messages to group members. If that hub is compromised, it can quietly drop, delay, or rearrange messages—even though end-to-end encryption keeps the content safe. Our work tackles this problem by adding a lightweight audit system that helps users detect if the hub misbehaves. Each person in a group keeps a private, tamper-evident log of messages and timestamps using a data structure called a Merkle tree. Occasionally, users send a short encrypted "proof" that reflects their message history. Since these proofs are sent at random times and hidden inside regular messages, a malicious hub can't predict or block them without getting caught. If anyone detects a mismatch, they alert the group, exposing the problem. We tested our approach in a simulated network of 100 users. Even when the hub was acting maliciously 10% of the time, our system detected most problems quickly—with almost no impact on speed or memory use. This makes it a practical tool for improving trust in cross-platform messaging, especially in high-stakes settings like emergency response where reliable communication is critical. | en |
| dc.description.degree | Master of Science | en |
| dc.format.medium | ETD | en |
| dc.identifier.other | vt_gsexam:44394 | en |
| dc.identifier.uri | https://hdl.handle.net/10919/136926 | en |
| dc.language.iso | en | en |
| dc.publisher | Virginia Tech | en |
| dc.rights | In Copyright | en |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
| dc.subject | Security | en |
| dc.subject | Privacy | en |
| dc.subject | MIMI | en |
| dc.subject | MLS | en |
| dc.subject | Merkle-tree | en |
| dc.subject | message-order integrity | en |
| dc.title | Detecting presence Of Malicious Hub in MIMI Protocol for Cross-Platform Messaging Interoperability | en |
| dc.type | Thesis | en |
| thesis.degree.discipline | Computer Science & Applications | en |
| thesis.degree.grantor | Virginia Polytechnic Institute and State University | en |
| thesis.degree.level | masters | en |
| thesis.degree.name | Master of Science | en |
Files
Original bundle
1 - 1 of 1