Abstract
In group key exchange (GKE) protocols, a shared secret key is established among a group of members for cryptographic use over a public network. An identity-based protocol is preferable to one built on a traditional public key infrastructure (PKI), since an identity-based cryptosystem simplifies public key management. In ASIACCS 2011, a security model for GKE protocols called the EGBG model was proposed. The EGBG model takes ephemeral secret key leakage attacks into consideration. Until now, there has been no ID-based GKE protocol secure in the EGBG model. In this paper, we propose an identity-based GKE protocol. Its AKE-security with KCIR and full forward secrecy, its MA-security with KCIR, and its contributiveness are proven in the EGBG model. The proposed protocol does not involve the NAXOS trick, which does not resist side channel attacks, and thus it provides a stronger security guarantee. It achieves mutual authentication without applying signatures, which makes the protocol more practical.
Contributions
This paper proposes the first identity-based group key exchange protocol that is secure in the EGBG model. The protocol does not rely on the NAXOS technique to resist ephemeral private key leakage attacks, which improves its security. It does not use signatures to achieve mutual authentication, which to a certain extent improves both the efficiency and the security of the protocol.
Cite this article
Teng, J., Wu, C., Tang, C. et al. A strongly secure identity-based authenticated group key exchange protocol. Sci. China Inf. Sci. 58, 1–12 (2015). https://doi.org/10.1007/s11432-014-5271-9