
Multi-cast key distribution: scalable, dynamic and provably secure construction

  • Special Issue Paper
International Journal of Information Security

Abstract

In this paper, we propose a two-round dynamic multi-cast key distribution (DMKD) protocol under the star topology with a central authentication server. Users can share a common session key without revealing any information about the session key to the server, and can join or leave the group at any time, even after the session key has been established. Our protocol is scalable because the communication and computation costs of each user are independent of the number of users. Also, our protocol remains secure if either the private key or the session-specific randomness of a user is exposed. Furthermore, time-based backward secrecy is guaranteed by renewing the session key in every time period, even if the session key is exposed. We introduce the first formal security definition for DMKD under the star topology in order to capture such strong exposure resilience and time-based backward secrecy. We prove that our protocol is secure in our security model in the standard model.


Notes

  1. We say that \(state_i\) is an ancestor of \(state_{i'}\) if there exists a path \((state_i,\dots ,state_{i'})\) such that each state in the path is updated to the next one.

  2. If the adversary poses \(\mathsf {StaticReveal}\) or \(\mathsf {ServerReveal}\) before completion of the test session, then the session key is trivially distinguished from a random key. Also, it means that the server is honest-but-curious.

References

  1. Al-Riyami, S.S., Paterson, K.G.: Tripartite authenticated key agreement protocols from pairings. In: IMA International Conference 2003, pp. 332–359 (2003)

  2. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: CRYPTO 1993, pp. 232–249 (1993)

  3. Bergkvist, A., Burnett, D.C., Jennings, C., Narayanan, A., Aboba, B.: WebRTC 1.0: real-time communication between browsers. In: InfoQ (2015)

  4. Berjon, R., Leithead, T., Navara, E.D., O’Connor, E., Pfeiffer, S.: HTML5. In: W3C working draft (2012)

  5. Bresson, E., Chevassut, O., Pointcheval, D.: Provably authenticated group Diffie–Hellman key exchange—the dynamic case. In: Boyd C. (ed.) Advances in Cryptology—ASIACRYPT 2001, 7th International Conference on the Theory and Application of Cryptology and Information Security, Gold Coast, Australia, 9–13 Dec 2001 Proceedings, Lecture Notes in Computer Science, vol. 2248, pp. 290–309. Springer (2001)

  6. Bresson, E., Chevassut, O., Pointcheval, D.: Dynamic group Diffie–Hellman key exchange under standard assumptions. In: Knudsen L.R. (ed.) Advances in Cryptology—EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, The Netherlands, 28 April–2 May 2002, Proceedings, Lecture Notes in Computer Science, vol. 2332, pp. 321–336. Springer (2002)

  7. Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.: Provably authenticated group Diffie–Hellman key exchange. In: Reiter M.K., Samarati P. (eds.) CCS 2001, Proceedings of the 8th ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, 6–8 Nov 2001, pp. 255–264. ACM (2001)

  8. Canetti, R., Garay, J.A., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: A taxonomy and some efficient constructions. In: Proceedings IEEE INFOCOM ’99, The Conference on Computer Communications, Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies, The Future Is Now, New York, NY, USA, 21–25 March 1999, pp. 708–716. IEEE (1999)

  9. Caronni, G., Waldvogel, M., Sun, D., Plattner, B.: Efficient security for large and dynamic multicast groups. In: 7th Workshop on Enabling Technologies (WETICE ’98), Infrastructure for Collaborative Enterprises, 17–19 June 1998, Palo Alto, CA, USA, Proceedings, pp. 376–383. IEEE Computer Society (1998)

  10. Chesters, J.: Mozilla blocks flash, encourages HTML5 adoption. In: InfoQ (2015)

  11. Cremers, C.J.F., Feltz, M.: Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal. In: ESORICS 2012, pp. 734–751 (2012)

  12. Dutta, R., Barua, R.: Constant round dynamic group key agreement. In: Zhou J., Lopez J., Deng R.H., Bao F. (eds.) Information Security, 8th International Conference, ISC 2005, Singapore, 20–23 Sept 2005, Proceedings, Lecture Notes in Computer Science, vol. 3650, pp. 74–88. Springer (2005)

  13. Fischl, J., Tschofenig, H., Rescorla, E.: Framework for establishing a secure real-time transport protocol (SRTP) security context using datagram transport layer security (DTLS). In: IETF RFC 5763 (2010)

  14. Fujioka, A., Manulis, M., Suzuki, K., Ustaoglu, B.: Sufficient condition for ephemeral key-leakage resilient tripartite key exchange. In: ACISP 2012, pp. 15–28 (2012)

  15. Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Strongly secure authenticated key exchange from factoring, codes, and lattices. Des. Codes Cryptogr. 76(3), 469–504 (2015)


  16. Gorantla, M.C., Boyd, C., Nieto, J.M.G.: Modeling key compromise impersonation attacks on group key exchange protocols. In: Public Key Cryptography, pp. 105–123 (2009)

  17. Joux, A.: A one round protocol for tripartite Diffie–Hellman. In: ANTS 2000, pp. 385–394 (2000)

  18. Katz, J., Shin, J.S.: Modeling insider attacks on group key-exchange protocols. In: ACM Conference on Computer and Communications Security, pp. 180–189 (2005)

  19. Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: CRYPTO, pp. 110–125 (2003)

  20. Kim, H., Lee, S., Lee, D.H.: Constant-round authenticated group key exchange for dynamic groups. In: Lee P.J. (ed.) Advances in Cryptology—ASIACRYPT 2004, 10th International Conference on the Theory and Application of Cryptology and Information Security, Jeju Island, Korea, 5–9 Dec 2004, Proceedings, Lecture Notes in Computer Science, vol. 3329, pp. 245–259. Springer (2004)

  21. Kurosawa, K., Furukawa, J.: 2-pass key exchange protocols from cpa-secure KEM. In: Benaloh J. (ed.) Topics in Cryptology—CT-RSA 2014—The Cryptographer’s Track at the RSA Conference 2014, San Francisco, CA, USA, 25–28 Feb 2014. Proceedings, Lecture Notes in Computer Science, vol. 8366, pp. 385–401. Springer (2014)

  22. LaMacchia, B.A., Lauter, K.E., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo W., Liu J.K., Mu Y. (eds.) Provable Security, First International Conference, ProvSec 2007, Wollongong, Australia, 1–2 Nov 2007, Proceedings, Lecture Notes in Computer Science, vol. 4784, pp. 1–16. Springer (2007)

  23. Lin, I., Tang, S., Wang, C.: Multicast key management without rekeying processes. Comput. J. 53(7), 939–950 (2010)


  24. Manulis, M., Suzuki, K., Ustaoglu, B.: Modeling leakage of ephemeral secrets in tripartite/group key exchange. In: Lee D.H., Hong S. (eds.) Information, Security and Cryptology—ICISC 2009, 12th International Conference, Seoul, Korea, 2–4 Dec 2009, Revised Selected Papers, Lecture Notes in Computer Science, vol. 5984, pp. 16–33. Springer (2009)

  25. Marshall, J.: Google Chrome will begin blocking Flash web ads. In: The Wall Street Journal (2015)

  26. Micciancio, D., Panjwani, S.: Optimal communication complexity of generic multicast key distribution. In: Cachin C., Camenisch J. (eds.) Advances in Cryptology—EUROCRYPT 2004, International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, 2–6 May 2004, Proceedings, Lecture Notes in Computer Science, vol. 3027, pp. 153–170. Springer (2004)

  27. Mittal, N., Kumar, V.: An efficient and secure multicast key management scheme based on star topology. Int. J. Comput. Sci. Inf. Technol. 5(3), 3777–3783 (2014)


  28. Rescorla, E.: WebRTC Security architecture, draft-ietf-rtcweb-security-arch-11. In: IETF Draft (2015)

  29. Saravanan, K., Purusothaman, T.: Efficient star topology based multicast key management algorithm. J. Comput. Sci. 8(6), 951–956 (2012)


  30. Schulzrinne, H., Casner, S.L., Frederick, R., Jacobson, V.: RTP: A transport protocol for real-time applications. In: IETF RFC 3550 (2003)

  31. Sherman, A.T., McGrew, D.A.: Key establishment in large dynamic groups using one-way function trees. IEEE Trans. Softw. Eng. 29(5), 444–458 (2003)


  32. Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. In: Cryptology ePrint Archive: 2004/332 (2004)

  33. Sun, H., He, B., Chen, C., Wu, T., Lin, C., Wang, H.: A provable authenticated group key agreement protocol for mobile environment. Inf. Sci. 321, 224–237 (2015)


  34. Suzuki, K., Yoneyama, K.: Exposure-resilient one-round tripartite key exchange without random oracles. In: Jacobson Jr. M.J., Locasto M.E., Mohassel P., Safavi-Naini R. (eds.) Applied Cryptography and Network Security—11th International Conference, ACNS 2013, Banff, AB, Canada, 25–28 June 2013. Proceedings, Lecture Notes in Computer Science, vol. 7954, pp. 458–474. Springer (2013)

  35. Suzuki, K., Yoneyama, K.: Exposure-resilient one-round tripartite key exchange without random oracles. IEICE Trans. 97–A(6), 1345–1355 (2014)


  36. Waldvogel, M., Caronni, G., Sun, D., Weiler, N., Plattner, B.: The versakey framework: versatile group key management. IEEE J. Sel. Areas Commun. 17(9), 1614–1631 (1999)


  37. Westerlund, M., Wenger, S.: RTP Topologies, draft-ietf-avtcore-rtp-topologies-update-07. In: IETF Draft (2015)

  38. Yang, G., Tan, C.H.: Dynamic group key exchange revisited. In: Heng S., Wright R.N., Goi B. (eds.) Cryptology and Network Security—9th International Conference, CANS 2010, Kuala Lumpur, Malaysia, 12–14 Dec 2010. Proceedings, Lecture Notes in Computer Science, vol. 6467, pp. 261–277. Springer (2010)

  39. Yang, Z., Zhang, D.: Towards modelling perfect forward secrecy for one-round group key exchange. I. J. Netw. Secur. 18(2), 304–315 (2016)


  40. Yoneyama, K., Yoshida, R., Kawahara, Y., Kobayashi, T., Fuji, H., Yamamoto, T.: Multi-cast key distribution: scalable, dynamic and provably secure construction. ProvSec 2016, 207–226 (2016)


Acknowledgements

This work is supported in part by JSPS KAKENHI Grant Number 15H06063.

Author information


Corresponding author

Correspondence to Kazuki Yoneyama.

Ethics declarations

This paper follows ethical rules of the journal as follows:

Originality: This paper extends our earlier extended abstract [40]. The earlier abstract introduces a new security model and a construction of multi-cast key distribution (MKD). This submission adds the following new results:

  1. The earlier abstract does not give a security proof of the proposed scheme; here we give the security proof formally.

  2. In the earlier abstract, the proposed MKD scheme captures only a simple setting (i.e. only one user joins/leaves the group at a time) for simplicity, and it is only remarked that an extension to the general setting is possible. In this paper, we give a concrete MKD protocol in the general setting (i.e. multiple users can join/leave the group simultaneously).

This manuscript is the authors’ original work and has not been published nor has it been submitted simultaneously elsewhere.

Conflicts of interest

This paper does not receive any funding because the work is done as academic research.

Research involving human participants and/or animals

This paper does not involve any human participants or animals.

Informed consent

Informed consent is not necessary for this paper because it does not involve any human participants or animals.

Additional information

An extended abstract of this paper appeared in ProvSec 2016 [40].


Cite this article

Yoneyama, K., Yoshida, R., Kawahara, Y. et al. Multi-cast key distribution: scalable, dynamic and provably secure construction. Int. J. Inf. Secur. 17, 513–532 (2018). https://doi.org/10.1007/s10207-017-0389-6


  • DOI: https://doi.org/10.1007/s10207-017-0389-6
