Zhijun Zhang,Pla Information

2010-01-01

Abstract:A group key agreement protocol based on m-tree and DMDH assumption is developed to improve the poor scalability and efficiency of most existing group key agreement protocols in dynamic peer communication.This protocol combined m-tree with DMDH assumption,which key agreement is completed by which all group members agreed on variable m to fix on key tree and selected corresponding multilinear map from cluster of multilinear maps.Meanwhile,it much more applied to LAN and WAN by which communication and computation costs are balanced by variable m.Compared with TGDH and GDH,it made a great progress in security,scalability and efficiency.

Zeyu Yang,Ziqing Wang,Fei Qiu,Fagen Li

DOI: https://doi.org/10.1016/j.jisa.2022.103388

IF: 4.96

2023-01-01

Journal of Information Security and Applications

Abstract:A group key agreement protocol allows a set of users to establish a common session key over an open network. A dynamic contributory group key agreement (DCGKA) protocol generates a session key based on contributions of all group members and allows a member to dynamically join or leave this group. Although current DCGKA can resist passive attacks, it cannot resist positive attacks like the man-in-the-middle (MITM) attack. In this paper, we propose a dynamic contributory Group Key Agreement protocol by using Short Signature (called GKA-SS) which uses bilinear map to accomplish the signature and the verification processes. The formal security proof shows that our protocol can resist both active and passive attacks under random oracle model. The informal security analysis indicates that our protocol can obtain backward secrecy, forward secrecy, etc. Besides, we analyze the communication and computation cost of our protocol and simulate it with pypbc library. As compared with TGECDH, our protocol is 2.4 times faster in join phase and 29 times faster in leave phase, when p is 512 bits, q is 160 bits and group size is 256.

Ming-Hui Zheng,Hui-Hua Zhou,Jun Li,Guo-Hua Cui

DOI: https://doi.org/10.1016/j.csi.2008.09.021

IF: 3.721

2009-01-01

Computer Standards & Interfaces

Abstract:This paper considers the issue on authenticated group key agreement protocol among n users broadcasting communication over an insecure public network. Many authenticated group Diffie-Hellman key agreement protocols have been proposed to meet the challenges. However, existing protocols are either limited by the use of public key infrastructure or by their scalability, requiring O(n) rounds. To overcome these disadvantages, we propose an efficient password-based group key agreement protocol resistant to the dictionary attacks by adding password-authentication services to a non-authenticated multi-party key agreement protocol proposed by Horng. The proposed protocol is very efficient since it only requires constant rounds to agree upon a session key, and each user broadcasts a constant number of messages and only requires four exponentiations. Under the Decisional Diffie-Hellman assumption, we will show the proposed protocol is provably secure in both the ideal-cipher model and the random-oracle model.

Yang Yu,Aixin Zhang,Junhua Tang,Haopeng Chen

DOI: https://doi.org/10.1007/978-90-481-3662-9_42

2010-01-01

Abstract:Group communication mechanism provides several participants with a secure and credible communication environment by sharing a confidential group key within group members. Group Diffle-Hellman key exchange protocol (GDR) is an extension of two-party Diffie-Hellman key exchange. Many protocols based on GDH protocol have been proposed, among which AT-GDH protocol is an authenticated group key agreement protocol. AT-GDH2 protocol complements AT-GDH with a dynamic group key updating scheme. This paper proposes an improved dynamic scheme based on AT-GDH after analyzing the security flaws in AT-GDH2 protocol. We name this proposed group key management process as AT-GDH3. Then the security property of AT-GDH3 protocol is analyzed using the strand space and authentication test theory from the aspects of authentication, implicit key authentication, recency, backward security and forward security. The results show that AT-GDH3 protocol can overcome the security flaws in AT-GDH2 protocol, and can guarantee security properties of group key management.

李明,王勇,谷大武,白英彩

2005-01-01

Abstract:An authenticated group key agreement protocol suite (PAGKA) based on pairings is presented in this paper. This suite extends an efficient Diffie-Hellman-based protocol suite by introducing parings on elliptic curves and public-key certificates. The result suite builds its security on the hardness of the bilinear Diffie-Hellman (BDH) problem in the random oracle model, and provides implicit key authentication, perfect forward secrecy and unknown key-share secrecy.

Chunbo Ma,Jun Ao,Jianhua Li

2007-01-01

Abstract:A password-based tripartite key agreement protocol is presented in this paper. The three entities involved in this protocol can negotiate a common session key via a shared password over insecure networks. Proofs are given to show that the proposed protocol is secure against forging and chosen message attacks in the case of without actually running a dictionary attack.

Chunxiang Xu,Junhui Zhou

IF: 1.019

2009-01-01

Chinese Journal of Electronics

Abstract:Multiparty key agreement (MKA) is a secure and robust approach to establish a group key for secure group oriented applications over non-private underlying networks, and it can be efficiently implemented with ECC (Elliptic curve cryptography). In this paper, we propose a generic two round model for ECC based MKA. All users involved are organized into a ring in this model and distributedly compute a group key by two round message exchanges. Upon this model, we construct a concrete ECC based MKA protocol with scalability and low computational complexity. The protocol is dynamic, that is, it supports key update when user group membership changes to ensure forward secrecy and backward secrecy. The protocol :is proved to be secure under the Decision Diffie-Hellman (DDH) assumption on the elliptic curve. Its security is reduced to the intractable DDH problem on the elliptic curve.

Wen Hailong,Gu Dawu

DOI: https://doi.org/10.1145/1046290.1046294

2005-01-01

Abstract:In this paper we present an authenticated group key agreement scheme with admission control for dynamic peer groups. Admission control is a necessary part of group communication. The scheme uses secret sharing to achieve integration of admission control and key agreement and addresses the pre-requisite for key management. Identity-based cryptosystems are used for mutual authentication and key agreement, and it avoids bandwidth consuming and expensive computation arising from certificates in PKI.

Kui Ren,Hyunrok Lee,Kwangjo Kim,Taewhan Yoo

DOI: https://doi.org/10.1007/978-3-540-31815-6_13

2005-01-01

Abstract:Group key management presents a fundamental challenge in secure dynamic group communications. In this paper, we propose an efficient group authenticated key agreement protocol (EGAKA), which is designed to be fully distributed and fault-tolerant, provides efficient dynamic group membership management, mutual authentication among group members and is secure against both passive and active attacks. The features of EGAKA are as follows: Firstly, EGAKA can be built on any general two-party key exchange protocol without relying on a particular one. EGAKA achieves scalability and robustness in heterogenous environments by allowing members to use any available two-party protocol in common and deliberately designed fault-tolerant mechanism in dynamic membership management. Secondly, EGAKA provides extremely efficient member join services in terms of both communication and computation costs which are constant to the group size. This is a very useful property in the scenarios with frequent member addition.

Zhiguo Wan,Robert H. Deng,Feng Bao,Bart Preneel,Ming Gu

DOI: https://doi.org/10.1007/s11390-009-9207-6

2009-01-01

Abstract:Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a hierarchical group PAKE protocol nPAKE(+) protocol under the setting where each party shares an independent password with a trusted server. The nPAKE(+) protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE(+) enables every subgroup obtains their own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.

Hui Li,Chuan-Kun Wu,Lingbo Wei

DOI: https://doi.org/10.1007/978-3-642-12827-1_24

2010-01-01

Abstract:In this paper, we extend Abdalla et al. ’s work in Asiacrypt 2005 to group-based setting. Our goal is to allow a group of users to establish a shared session key with a gateway under the assistance of an authentication server, while the server has no information about this session key and the gateway has no information about any password. Distinct to ordinary password-based group key exchange protocols, different shares of a groupwise password are assigned to group users respectively in our protocol. Each share is also a human-memorable password. According to our protocol, a group of at least k (a predefined threshold) users is authorized to establish a key with gateway. Additionally, the new protocol is proven secure in random-oracle model.

YJ Shi,GL Chen,JH Li

DOI: https://doi.org/10.1109/itcc.2005.169

2005-01-01

Abstract:Authenticated group key agreement is important in many modern collaborative and distributed applications. Recently, identity-based authenticated group key agreement has been increasingly researched because of the simplicity of a public key management. Basically, these protocols provide authentication by signatures. Hence they are less efficient for the verification of signatures creates additional computational overhead. In the paper, we propose an efficient authenticated group key agreement protocol by introducing a modified identity-based public key infrastructure with new system setup and key extraction algorithms. The security of our protocol is assured by the discrete logarithm assumption. Moreover, our protocol requires only one round and is more efficient than all previously known ones since it provides authentication without using signatures.

Xiangjun Xin,Chaoyang Li,Dongsheng Chen,Fagen Li

DOI: https://doi.org/10.14257/ijhit.2016.9.2.11

2016-01-01

International Journal of Hybrid Information Technology

Abstract:In the paper, we analyze the security vulnerability of the key agreement protocol proposed by Lee et al.'s. We present a forgery attack to their protocol. In this attack, the adversary can modify the signed message and forge a new signature, which can pass the verification. Then, we propose a new group key agreement protocol, which overcomes this security drawback. The new protocol can be proved to be secure under Elliptic Curve Discrete Logarithm Problem, Bilinear Computational Diffie–Hellman Problem and Square-Exponent Problem. On the other hand, in the new protocol, only three pairing operations are used, so it is more efficient. Our protocol is also a contributory group key agreement protocol.

shengli liu,fangguo zhang,kefei chen

DOI: https://doi.org/10.1109/isit.2003.1228150

2003-01-01

Abstract:An authenticated tripartite key agreement protocol is proposed with Identity-based public key system, which is based on bilinear pairings.

Victor Boyko,Philip MacKenzie,Sarvar Patel

DOI: https://doi.org/10.1007/3-540-45539-6_12

2000-01-01

Abstract:When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using crypto-graphically secure keys), one must not allow any information to be leaked that would allow verification of the password (a weak shared key), since an attacker who obtains this information may be able to run an off-line dictionary attack to determine the correct password. We present a new protocol called PAK which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries. In addition to the PAK protocol that provides mutual explicit authentication, we also show a more efficient protocol called PPK that is provably secure in the implicit-authentication model. We then extend PAK to a protocol called PAK-X, in which one side (the client) stores a plaintext version of the password, while the other side (the server) only stores a verifier for the password. We formally prove security of PAK-X, even when the server is compromised. Our formal model for password-authenticated key exchange is new, and may be of independent interest.

ZHU Chang-sheng,LIU Peng-hui,WANG Qing-rong,CAO Lai-cheng

DOI: https://doi.org/10.3724/sp.j.1087.2011.01862

2011-01-01

Journal of Computer Applications

Abstract:How to keep mutual anonymity between two entities is one of the critical issues for Trusted Computation(TC).According to the characteristics of TC,an efficient password-based authenticated key exchange scheme was proposed.Adopting threshold cryptography and fuzzy ID set,the scheme achieved mutual anonymity between user and server sharing ID set.On the premise of secure hashing,the analysis and the proving procedure based on the Random Oracle Model(ROM) show this scheme is secure against dictionary attack and resource-depletion DoS(Denial-of-Service) attack under the computational Diffie-Hellman intractability assumption.This scheme effectively preserves the user's privacy and server's privacy,and compared with other schemes such as VIET et al.'s scheme,it is more efficient.

Hu Xiong,Yanan Chen,Zhong Chen,Fagen Li

DOI: https://doi.org/10.2316/Journal.202.2013.1.202-3540

2015-01-01

International Journal of Computers and Applications

Abstract:Three-party password-based authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key with the help of an authenticated server over an insecure channel. Owning to the significance in building a secure communication channel, a number of approaches have been suggested over the years. However, the lack of formal security proof is a major issue in the related literature. In this paper, we propose a simple 3PAKE protocol based upon elliptic curve cryptography along with formal security proof under the decisional Diffie-Hellman assumption. Experimental results by using the automated validation of Internet security protocols and applications tool also show that the proposed protocol is secure against various malicious attacks. Compared with previous work, the proposed protocol has lower computation costs and lighter communication loads.

ZOU Da-bi,LIN Dong-dai

2006-01-01

Abstract:Group key agreement protocols are fundamental to group-oriented applications which gain more and more popularity today. Based on bilinear pairings and the random oracle model, a new identity-based dynamic group key agreement protocol for mobile networks was proposed. The analysis results show that the proposed protocol is efficient in terms of both computation and communication complexity, and satisfies most of the security requirements of key agreement.

舒剑,许春香

DOI: https://doi.org/10.3969/j.issn.1001-0548.2009.03.018

2009-01-01

Abstract:The security of an authenticated group key exchange is analyzed,the results show that it is insecure due to redundancy of the exchange messages.Based on the protocol of Burmester and Desmedt,an improved protocol is proposed with merits in terms of computation and communication.The improved protocol provides not only the capability of forward secrecy and mutual authentication,but also the capability against man-in-middle attack.The protocol is proven secure in the random-oracle and ideal-cipher models under the computational Diffie-Hellman(CDH) assumption.

XU Chun-xiang,HE Xiao-hu

DOI: https://doi.org/10.3969/j.issn.1001-0548.2012.04.023

2012-01-01

Abstract:Three-party password-based authenticated key exchange protocols allow two clients to authenticate each other and establish a shared session key through a trusted server who preserves clients’ passwords or verifiers about passwords.However,because of the low entropy of passwords,password-based authenticated key exchange protocols are vulnerable to dictionary attacks.Based on available protocols,a new efficient three-party password-based authenticated key exchange protocol is proposed by combining the symmetric encryption algorithm with the method of two-party key exchange protocol of Diffie-Hellman.Results indicate that and the proposed protocol can resist against various attacks and provide the perfect forward security.