Group admin in end-to-end encrypted group chat

Çağlar Arlı

I was thinking about building a simple end-to-end encrypted chat with group chat capabilities. Please keep in mind that 1) it's just an experiment to help me learn more about cryptography and 2) I'm not a security expert that knows all the cyphers out there and complex encryption schemes.

I consulted a lot of sources online on how to implement a basic E2EE using a hybrid approach with a shared key. Each time a user leaves the chat group, a new secret key should be generated and distributed so that this user doesn’t have access to the new messages anymore (“key rotation”). However, this generation (and distribution) of a new key should not be done at the server side, but a so-called “group admin” must do it (since we want end-to-end encryption).

Now comes my question: what is the difference between a regular user and a group admin (conceptually and in code)? Can I choose the group creator to be the admin? And does that person need to be always online in case a user leaves and connection with the admin is needed to create the new key?

Or is there maybe a better (but still easy) way to handle this situation (creating new key without the server knowing the key)?

Thanks in advance.
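
The key-rotation step described in the question, as an added example that is not part of the original post: the "admin" is simply the client that runs `rotateGroupKey`, and the server only relays the per-member envelopes. It uses Node's built-in `crypto` module (X25519, HKDF-SHA256, AES-256-GCM); the member names, the `epoch` counter and all function names are assumptions made for illustration.

```javascript
// Added illustration: client-side group-key rotation; the server never sees the group key.
const nodeCrypto = require('crypto');

// Each member holds a long-term X25519 key pair; only public keys are shared.
function newMember(name) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('x25519');
  return { name, publicKey, privateKey };
}

// Pairwise wrapping key: X25519 shared secret run through HKDF-SHA256.
function pairwiseKey(myPrivate, theirPublic, epoch) {
  const secret = nodeCrypto.diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  const info = Buffer.from(`group-key-wrap:${epoch}`);
  return Buffer.from(nodeCrypto.hkdfSync('sha256', secret, Buffer.alloc(0), info, 32));
}

// Admin side: fresh random group key, wrapped once per remaining member.
function rotateGroupKey(admin, remaining, epoch) {
  const groupKey = nodeCrypto.randomBytes(32);
  const envelopes = remaining.map((m) => {
    const iv = nodeCrypto.randomBytes(12);
    const key = pairwiseKey(admin.privateKey, m.publicKey, epoch);
    const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
    c.setAAD(Buffer.from(`${epoch}:${m.name}`)); // bind envelope to epoch and recipient
    const ct = Buffer.concat([c.update(groupKey), c.final()]);
    return { to: m.name, epoch, iv, ct, tag: c.getAuthTag() };
  });
  return { groupKey, envelopes }; // only the envelopes are handed to the server
}

// Member side: unwrap; throws if the envelope was altered or addressed to someone else.
function unwrapGroupKey(member, adminPublic, env) {
  const key = pairwiseKey(member.privateKey, adminPublic, env.epoch);
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, env.iv);
  d.setAAD(Buffer.from(`${env.epoch}:${member.name}`));
  d.setAuthTag(env.tag);
  return Buffer.concat([d.update(env.ct), d.final()]);
}

// Constructed scenario: alice created the group; carol leaves, so epoch 2 excludes her.
function demo() {
  const [alice, bob, carol, dave] = ['alice', 'bob', 'carol', 'dave'].map(newMember);
  const { groupKey, envelopes } = rotateGroupKey(alice, [bob, dave], 2);
  const bobKey = unwrapGroupKey(bob, alice.publicKey, envelopes.find((e) => e.to === 'bob'));
  let carolFailed = false;
  try { unwrapGroupKey(carol, alice.publicKey, envelopes[0]); } catch { carolFailed = true; }
  return { bobOk: bobKey.equals(groupKey), carolFailed, relayed: envelopes.length };
}
```

Because each envelope is encrypted to one member's public key, the server can store and forward it while the recipient is offline.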