A distributed multi-party key agreement protocol for dynamic collaborative groups using ECC

https://doi.org/10.1016/j.jpdc.2006.03.006Get rights and content

Abstract

We present a multi-party key agreement protocol based on a novel authenticated two-party elliptic curve Diffie–Hellman (ECDH) key-exchange protocol for dynamic collaborative peer groups. The security of our two-party and multi-party key agreement protocols is based on the computational intractability of the elliptic curve discrete logarithm problem (ECDLP). The strength-per-key-bit is substantially greater in keys generated using ECDH than in keys generated using Diffie–Hellman (DH) key exchange. Thus, with much smaller parameters like the key size, ECDH keys provide equivalent security compared to DH keys. We show that the proposed protocols establish an authenticated, distributed, and contributory group secret key among a group of members. Our multi-party key agreement protocol supports group dynamics like member-join, member-leave, group-fusion, and group-fission securely. Further, it introduces array-based binary key-trees (ABKTs), which are balanced trees that bound the key-computation cost of handling member dynamics to O(logn), where n is the number of members in the group.

Section snippets

Venkata C. Giruka received the B.Tech. degree from Osmania University, Hyderabad, and the M.S. degree in Computer Science from the University of Texas at Dallas in 2001. He is currently a Ph.D. student in the Department of Computer Science at the University of Kentucky, Lexington. His current research interests include routing and location service protocols for multi-hop wireless networks, applied security in wireless and peer-to-peer systems, resource allocation in mobile distributed systems

References (28)

  • N. Asokan et al.

    Key agreement in ad hoc networks

    Comput. Comm.

    (2000)
  • S.A. Vanstone

    Next generation security for wireless: elliptic curve cryptography

    Comput. & Security

    (2003)
  • G. Ateniese, M. Steiner, G. Tsudik, Authenticated group key agreement and friends, in: ACM Conference on Computer and...
  • G. Ateniese et al.

    New multiparty authentication services and key agreement protocols

    IEEE J. Selected Areas Comm.

    (2000)
  • M. Aydos, B. Sunar, C.K. Koc, An elliptic curve cryptography based authentication and key agreement protocol for...
  • W. Diffie et al.

    New directions in cryptography

    IEEE Trans. Inform. Theory

    (1976)
  • Digital signature standard, Federal Information Processing Standards Publication 186, National Institute for Standards...
  • ECDSA, as specified in ANSI...
  • T. Elgamal

    A public key cryptosystem and a signature scheme based on discrete logarithms

    IEEE Trans. Inform. Theory

    (1985)
  • A. Fekete et al.

    Specifying and using a partitionable group communication service

    ACM Trans. Comput. Systems

    (2001)
  • N. Gura, A. Patel, A. Wander, H. Eberle, S.C. Shantz, Comparing elliptic curve cryptography and rsa on 8-bit cpus, in:...
  • M. Just et al.

    Authenticated multi-party key agreement

  • Y. Kim, A. Perrig, G. Tsudik, Simple and fault-tolerant key agreement for dynamic collaborative groups, in: ACM...
  • Y. Kim, A. Perrig, G. Tsudik, Communication-efficient group key agreement, in: SEC, 2001, pp....
  • Cited by (0)

    Venkata C. Giruka received the B.Tech. degree from Osmania University, Hyderabad, and the M.S. degree in Computer Science from the University of Texas at Dallas in 2001. He is currently a Ph.D. student in the Department of Computer Science at the University of Kentucky, Lexington. His current research interests include routing and location service protocols for multi-hop wireless networks, applied security in wireless and peer-to-peer systems, resource allocation in mobile distributed systems and sensor networks, and bio-inspired computing. He is currently a student member of the IEEE, ACM, and ACM SIGEVO.

    Saikat Chakrabarti is currently pursuing Ph.D. in Computer Science at the University of Kentucky, Lexington. His current research interests include bilinear pairing-based cryptosystems, identity-based cryptosystems, graphical passwords and key agreement in wireless peer-to-peer systems. He received a Bachelor of Engineering degree in Electrical Engineering with first class from Bengal Engineering and Science University, Shibpur, India in 1999 and served as a Systems Engineer at Tata Consultancy Services, India from 1999 to 2002.

    Mukesh Singhal is a Full Professor and Gartener Group Endowed Chair in Network Engineering in the Department of Computer Science at The University of Kentucky, Lexington. From 1986 to 2001, he was a faculty in Computer and Information Science at The Ohio State University.

    He received a Bachelor of Engineering degree in Electronics and Communication Engineering with high distinction from Indian Institute of Technology, Roorkee, India, in 1980 and a Ph.D. degree in Computer Science from University of Maryland, College Park, in May 1986. His current research interests include distributed systems, wireless and mobile computing systems, computer networks, computer security, and performance evaluation.

    He has published over 175 refereed articles in these areas. He has coauthored three books titled “Data and Computer Communications: Networking and Internetworking”, CRC Press, 2001, “Advanced Concepts in Operating Systems”, McGraw-Hill, New York, 1994 and “Readings in Distributed Computing Systems”, IEEE Computer Society Press, 1993. He is a Fellow of IEEE. He is a recipient of 2003 IEEE Technical Achievement Award. He is currently serving in the editorial board of “IEEE Transactions on Knowledge and Data Engineering” and “IEEE Transactions on Computers”. From 1998 to 2001, he served as the Program Director of Operating Systems and Compilers program at National Science Foundation.

    This research was partially supported by NSF grants IIS-0242384 and IIS-0324836.

    View full text