Many organizations operate notification services that update client devices with operating data, alerts, or other time-sensitive information. Since a notification service of this kind may service millions or tens of millions of clients, there is an incentive to communicate information as efficiently as possible to limit the bandwidth required. Another concern may be the security and integrity of the notification messages. Data transmitted over the Internet is inherently insecure and subject to man-in-the-middle attacks where messages are intercepted, modified, and then forwarded on to the intended recipient.
One approach to securing notification messages may be to use Secure Socket Layer (SSL) or Transport Layer Security (TLS), in which the client and server negotiate a secure connection using a handshaking procedure to agree on communication parameters and exchange encryption keys. Notification messages are then encrypted on the server and decrypted at each client. However, communicating over a secure connection in this way may introduce unacceptable increases in processing and bandwidth overhead. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems for protecting notification messages.