Abstract
A group key agreement protocol is designed to allow a group of parties communicating over an insecure, public network to agree on a common secret key. Recently, in WISA’04, Ren et al. proposed an efficient group key agreement scheme for dynamic groups, which can be built on any of secure two-party key establishment protocols. In the present work we study the main EGAKA-KE protocol of the scheme and point out a critical security flaw in the protocol. We show that the security flaw leads to a vulnerability to an active attack mounted by two colluding adversaries.
This work was supported by the University IT Research Center Project funded by the Korean Ministry of Information and Communication.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ateniese, G., Steiner, M., Tsudik, G.: New multiparty authentication services and key agreement protocols. IEEE Journal on Selected Areas in Communications 18(4), 628–639 (2000)
Becker, K., Wille, U.: Communication complexity of group key distribution. In: Proceedings of the 5th ACM Conference on Computer and Communications Security (CCS 1998), pp. 1–6 (1998)
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Boyd, C., Nieto, J.M.G.: Round-optimal contributory conference key agreement. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 161–174. Springer, Heidelberg (2002)
Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.-J.: Provably authenticated group Diffie-Hellman key exchange. In: Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS 2001), pp. 255–264 (2001)
Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. on Information Theory 22(6), 644–654 (1976)
Dolev, D., Dwork, C., Naor, M.: Nonmalleable cryptography. SIAM Journal on Computing 30(2), 391–437 (2000)
Ingemarsson, I., Tang, D., Wong, C.: A conference key distribution system. IEEE Trans. on Information Theory 28(5), 714–720 (1982)
Just, M., Vaudenay, S.: Authenticated multi-party key agreement. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 36–49. Springer, Heidelberg (1996)
Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)
Kim, Y., Perrig, A., Tsudik, G.: Tree-based group key agreement. ACM Trans. on Information and System Security 7(1), 60–96 (2004)
Nam, J., Kim, S., Won, D.: A weakness in the Bresson-Chevassut-Essiari-Pointcheval’s group key agreement scheme for low-power mobile devices. IEEE Communications Letters 9(5), 429–431 (2005)
Pereira, O., Quisquater, J.-J.: A security analysis of the Cliques protocols suites. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop (CSFW 2001), pp. 73–81 (2001)
Ren, K., Lee, H., Kim, K., Yoo, T.: Efficient authenticated key agreement protocol for dynamic groups. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 144–159. Springer, Heidelberg (2005)
Steiner, M., Tsudik, G., Waidner, M.: Key agreement in dynamic peer groups. IEEE Trans. on Parallel and Distributed Systems 11(8), 769–780 (2000)
Zhang, F., Chen, X.: Attack on an ID-based authenticated group key agreement scheme from PKC 2004. PKC 2004 91(4), 191–193 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nam, J., Kim, S., Won, D. (2006). Security Weakness in Ren et al.’s Group Key Agreement Scheme Built on Secure Two-Party Protocols. In: Song, JS., Kwon, T., Yung, M. (eds) Information Security Applications. WISA 2005. Lecture Notes in Computer Science, vol 3786. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11604938_1
Download citation
DOI: https://doi.org/10.1007/11604938_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-31012-9
Online ISBN: 978-3-540-33153-7
eBook Packages: Computer ScienceComputer Science (R0)