Abstract
Cross-domain password-based authenticated key exchange (PAKE) protocols have been studied for many years. However, these protocols are mainly focusing on multi-participant within a single domain in an open network environment. This paper proposes a novel approach for designing a cross-domain group PAKE protocol, that primarily handles with the setting of multi-participant in the multi-domain. Moreover, our protocol is proved secure against active adversary in the Real-or-Random (ROR) model. In our protocol, no interaction occurs between any two domain authentication servers. They are regarded as ephemeral certificate authorities (CAs) to certify key materials that participants might subsequently use to exchange and agree on group session key. We further justify the computational complexity and measure the average computation time of our protocol. To the best of our knowledge, this is the first work to analyze and discuss a provably secure multi-participant cross-domain group PAKE protocol.
Similar content being viewed by others
References
Nicanfar H, Leung V C M. Multilayer consensus ECC-based password authenticated key-exchange (MCEPAK) protocol for smart grid system. IEEE Transactions on Smart Grid, 2013, 4(1): 253–264
Abdalla M, Fouque P A, Pointcheval D. Password-based authenticated key exchange in the three-party setting. In: Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography. 2005, 65-84
Lou D C, Huang H F. Efficient three-party password-based key exchange scheme. International Journal of Communication Systems 2011, 24(4): 504–512
Kwon J O, Jeong I R, Sakurai K, Lee D H. Password-authenticated multi-party key exchange with different passwords. In: Proceedings of the International Association for Cryptologic Research. 2006, 476–480
Wu S, Chen K, Zhu Y. Enhancements of a three-party password-based authenticated key exchange protocol. International Arab Journal of Information Technology, 2013, 10(3), 215–221
Chuangui M, Fushan W, Fengxiu G. Efficient client-to-client password authenticated key exchange based on RSA. In: Proceedings of the 5th IEEE International Conference on Intelligent Networking and Collaborative Systems. 2013, 233–238
Liang H, Hu J, Wu S. Re-attack on a three-party password-based authenticated key exchange protocol. Mathematical and Computer Modelling, 2013, 57(5): 1175–1183
Zhao J, Gu D. Provably secure three-party password-based authenticated key exchange protocol. Information Sciences, 2012, 184(1): 310–323
Yuan W, Hu L, Li H, Chu J F. An efficient password-based group key exchange protocol using secret sharing. Applied Mathematics and Information Sciences, 2013, 7(1), 145–150
Katz J, Ostrovsky R, Yung M. Efficient password-authenticated key exchange using human-memorable passwords. Lecture Notes in Computer Science, 2001, 2045: 475–494
Yang J H, Cao T J. Provably secure three-party password authenticated key exchange protocol in the standard model. Journal of Systems and Software, 2012, 85(2): 340–350
Zhang Z I, Zhu L H, Liao L J. Computationally sound symbolic security reduction analysis of the group key exchange protocols using bilinear pairings. Information Sciences, 2012, 209: 93–112
Zhang Z J, Zhu L H, Wang F, Liao L J. Computationally sound and effective symbolic analysis of group key exchange protocols. Chinese Journal of Computers, 2012, 35(4): 664–672 (in Chinese)
Byun J W, Jeong I R, Lee D H. Password-authenticated key exchange between clients with different passwords. Lecture Notes in Computer Science, 2002, 2513: 134–146
Chen L, Lim H W, Yang G. Cross-domain password-based authenticated key exchange revisited. In: Proceedings of the 32nd IEEE International Conference on Computer Communications. 2013, 1052-1060
Burmester M, Desmedt Y. A secure and scalable group key exchange system. Information Processing Letters, 2005, 94(3): 137–143
Katz J, Yung M. Scalable protocols for authenticated group key exchange. Journal of Cryptology, 2007, 20(1): 85–113
Shoup V. OAEP reconsidered. Journal of Cryptology, 2000, 239–259
Author information
Authors and Affiliations
Corresponding author
Additional information
Cong Guo is a PhD candidate in the School of Computer Science and Technology, Beijing Institute of Technology, China. Her research interests include security analysis of cryptographic protocol, provable security, spi calculus, and group key exchange protocols.
Zijian Zhang is an assistant professor in the School of Computer Science and Technology, Beijing Institute of Technology, China. His research interests include security protocol analysis, and provable security, group key exchange protocols, and cloud computing.
Liehuang Zhu is a professor in the School of Computer Science and Technology, Beijing Institute of Technology, China. His research interests include security protocol analysis and design, group key exchange protocols, wireless sensor networks, and cloud computing.
Yu-an Tan is a professor and doctoral tutor in the School of Computer Science and Technology, Beijing Institute of Technology, China. His research interests include information security, network storages and embedded systems.
Zhen Yang is a master candidate in the School of Computer Science and Technology, Beijing Institute of Technology, China. His interests include data aggregation in wireless sensor networks, SCADA system security, and information retrieval on encrypted data.
Rights and permissions
About this article
Cite this article
Guo, C., Zhang, Z., Zhu, L. et al. Scalable protocol for cross-domain group password-based authenticated key exchange. Front. Comput. Sci. 9, 157–169 (2015). https://doi.org/10.1007/s11704-014-4124-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11704-014-4124-4