A Fault-Tolerant Content Moderation Mechanism for Secure Messaging Systems

Recently, while a range of messaging applications have provided end-to-end encrypted (E2EE) mechanisms to preserve their user privacy, many other platforms consistently prioritise content moderation, i.e., filtering illegal messages. At EUROCRYPT’23, Bartusek et al. presented set pre-constrained group signatures as a feasible solution to balance user privacy and content moderation in messaging systems. This proposal lets a service provider trace the identity of any client sending prohibited messages while others remain anonymous. However, in this approach, a client is revealed if he produces an illicit message only once. This strict policy seems impractical when applied to everyday situations in which people usually make mistakes. To tackle the problem, we introduce a new notion called “Set Pre-constrained Group Signatures with a Threshold for Tracing illegal content” (SPCGSwTT) which can serve as a fault-tolerant content moderation mechanism for E2EE messaging systems. Our proposal allows clients to send inappropriate messages up tottimes before they get exposed. This relaxed tracing policy is more factual with respect to real-life messaging applications. In terms of construction, we propose a generic construction of SPCGSwTT by taking advantage of Lagrange polynomials, a polynomial commitment scheme, an SPC encryption scheme and a non-interactive zero-knowledge argument system. We prove our scheme is anonymous, unframeable and traceable under the random oracle model. Additionally, we also give a concrete instantiation of SPCGSwTT based on bilinear pairings.