Qi Cheng,Zhuo Zhao,Chingfang Hsu,Maoyuan Zhang,Qing Yang,Di Wu

DOI: https://doi.org/10.1155/2021/7703466

IF: 1.43

2021-01-01

Mathematical Problems in Engineering

Abstract:Although nowadays lots of group key agreement schemes have been presented, most of these protocols generate a secret key for a single group. However, in the IoT HCS, more and more communications are involved in multiple groups and users can join multiple groups to communicate at the same time. Therefore, applying the conventional public-key-based one-at-a-time group key establishment protocols has heavy computational cost or suffer from security vulnerabilities. At the same time, in an IoT HCS, a trusted KGC is usually not available and so more flexible self-organized multigroup keys generation will be desired by all group members. In order to address this issue, a practical scheme for efficient and flexible KGC-free polynomial-based multigroup key establishments for IoT HCS is proposed. The proposed protocol can generate multiple group keys for all group members at once, instead of generating one key each time for a single group; more importantly, there is no need for a trusted KGC in the process of group keys establishment and each user can join multiple groups at the same time using only one reserved share. Meanwhile, the security of the proposed protocol is discussed in detail. Finally, we compare this protocol with the latest related group key distribution protocols in performance analysis. The results show that this efficient and flexible KGC-free polynomial-based multiple group keys establishment protocol is more suitable for practical group key agreement in IoT HCS.

Lianhai Liu,Yujue Wang,Jingwei Zhang,Qing Yang

DOI: https://doi.org/10.3390/s19030482

IF: 3.9

2019-01-01

Sensors

Abstract:A vehicular ad hoc network (VANET) is a special mobile ad hoc network that provides vehicle collaborative security applications using intervehicle communication technology. The method enables vehicles to exchange information (e.g., emergency brake). In VANET, there are many vehicle platoon driving scenes, where vehicles with identical attributes (location, organization, etc.) are organized as a group. However, this organization causes the issue of security threats (message confidentiality, identity privacy, etc.) because of an unsafe wireless communication channel. To protect the security and privacy of group communication, it is necessary to design an effective group key agreement scheme. By negotiating a dynamic session secret key using a fixed roadside unit (RSU), which has stronger computational ability than the on-board unit (OBU) equipped on the vehicle, the designed scheme can help to provide more stable communication performance and speed up the encryption and decryption processes. To effectively implement the anonymous authentication mechanism and authentication efficiency, we use a batch authentication scheme and a shared secret key mechanism among the vehicles, RSUs and trusted authority (TA). We design an efficient group secret key agreement scheme, which satisfies the above communication and security requirements, protects the privacy of vehicles, and traces the real identity of the vehicle at a time when it is necessary. Computational analysis shows that the proposed scheme is secure and more efficient than existing schemes.

Zhijun Zhang,Pla Information

2010-01-01

Abstract:A group key agreement protocol based on m-tree and DMDH assumption is developed to improve the poor scalability and efficiency of most existing group key agreement protocols in dynamic peer communication.This protocol combined m-tree with DMDH assumption,which key agreement is completed by which all group members agreed on variable m to fix on key tree and selected corresponding multilinear map from cluster of multilinear maps.Meanwhile,it much more applied to LAN and WAN by which communication and computation costs are balanced by variable m.Compared with TGDH and GDH,it made a great progress in security,scalability and efficiency.

XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Yu Liu,Kaiping Xue

DOI: https://doi.org/10.1007/s11071-015-2506-2

IF: 5.741

2015-01-01

Nonlinear Dynamics

Abstract:Recently, chaos has been treated as a good way to reduce computational complexity while satisfying security requirements of a key agreement protocol. Guo and Zhang (Inf Sci 180(20):4069–4074, 2010 ) proposed an chaotic public-key cryptosystem-based key agreement protocol. Lee (Inf Sci 290:63–71, 2015 ) has proved that Guo et al.’s scheme cannot resist off-line password guess attack. In this paper, we furtherly demonstrate Guo et al.’s scheme has redundancy in protocol design and still has some security flaws. Furthermore, we present an improved secure password and chaos-based two-party key agreement protocol, which can solve the security threats of replay and denial-of-service attacks. Meanwhile, we simplify the protocol steps to reduce redundancy in protocol design. From security and performance analysis, our proposed protocol can resist the security flaws in related works, and it has less communication overhead and computational complexity.

Qiuhua Wang,Huifang Chen,Lei Xie,Kuang Wang

DOI: https://doi.org/10.1002/sec.429

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:The self-healing group key distribution scheme with revocation can deal with the problem of distributing session keys for secure group communication over an unreliable wireless network, with the capability to resist packet loss and collusion attack. However, existing access-polynomial-based self-healing key management schemes have some problems, such as the small number of active group members, much redundancy in the key updating broadcast packet, and limited collusion attack resistance capability. In order to increase the number of active group members and improve the performance of self-healing group key distribution schemes, we propose a self-healing group key distribution scheme based on the access polynomial and one-way hash key chain for resource-constrained wireless networks in this paper. In our proposed scheme, by binding the time at which the user joins the group with the capability of recovering previous group session keys, some novel methods to construct the personal secret, the access polynomial, and the session key updating broadcast packet are presented. Compared with existing schemes under same conditions, analysis and simulation results show that our proposed scheme not only supports much more group members and sessions, but also provides a stronger security, considering that it can deal with more colluding users. Moreover, our proposed scheme is especially suitable to resource-constrained wireless networks in a very bad environment. Copyright © 2012 John Wiley & Sons, Ltd.

Kui Ren,Hyunrok Lee,Kwangjo Kim,Taewhan Yoo

DOI: https://doi.org/10.1007/978-3-540-31815-6_13

2005-01-01

Abstract:Group key management presents a fundamental challenge in secure dynamic group communications. In this paper, we propose an efficient group authenticated key agreement protocol (EGAKA), which is designed to be fully distributed and fault-tolerant, provides efficient dynamic group membership management, mutual authentication among group members and is secure against both passive and active attacks. The features of EGAKA are as follows: Firstly, EGAKA can be built on any general two-party key exchange protocol without relying on a particular one. EGAKA achieves scalability and robustness in heterogenous environments by allowing members to use any available two-party protocol in common and deliberately designed fault-tolerant mechanism in dynamic membership management. Secondly, EGAKA provides extremely efficient member join services in terms of both communication and computation costs which are constant to the group size. This is a very useful property in the scenarios with frequent member addition.

Kaiping Xue,Peilin Hong

DOI: https://doi.org/10.1016/j.cnsns.2011.11.025

IF: 4.186

2012-01-01

Communications in Nonlinear Science and Numerical Simulation

Abstract:In 2009, Tseng et al. proposed a password sharing and chaotic map based key agreement protocol (Tseng et al.’s protocol). They claimed that the protocol provided mutual authentication between a server and a user, and allowed the user to anonymously interact with the server to establish a shared session key. However, in 2011, Niu et al. have proved that Tseng et al.’s protocol cannot guarantee user anonymity and protocol security when there is an internal adversary who is a legitimate user. Also it cannot provide perfect forward secrecy. Then Niu et al. introduced a trust third party (TTP) into their protocol designing (Niu et al.’s protocol). But according to our research, Niu et al.’s protocol is found to have several unsatisfactory drawbacks. Based on reconsidering Tseng et al.’s protocol without introducing TTP, we give some improvements to meet the original security and performance requirements. Meanwhile our proposed protocol overcomes the security flaws of Tseng et al.’s protocol.

Gang Yao,Kui Ren,Feng Bao,Robert H. Deng,Dengguo Feng

DOI: https://doi.org/10.1007/978-3-540-45203-4_27

2003-01-01

Abstract:Mobile ad hoc networks offer convenient infrastructureless communications over the shared wireless channel. However, the nature of mobile ad hoc networks makes them vulnerable to security attacks, such as passive eavesdropping over the wireless channel and denial of service attacks by malicious nodes. To ensure the security, several cryptography protocols are implemented. Due to the resource scarcity in mobile ad hoc networks, the protocols must be communication efficient and need as less computational power as possible. Broadcast communication is an important operation for many application in mobile ad hoc networks. To securely broadcast a message, all the members in the network need share a group key so that they can use efficient symmetric encryption, such as DES and AES. Several group key management protocols have been proposed. However, not all of them are communication efficient when applied to mobile ad hoc networks. In this paper, we propose a hierarchical key agreement protocol that is communication efficient to mobile ad hoc networks. We also show how to manage the group efficiently in a mobile environment.

Wang Changji,Yang Bo,Wu Jianping

DOI: https://doi.org/10.1007/s11767-005-0007-z

2005-01-01

Abstract:In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang’s protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang’s protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations.

Zisang Xu,Feng Li,Han Deng,Minfu Tan,Jixin Zhang,Jianbo Xu

DOI: https://doi.org/10.3390/s20174835

IF: 3.9

2020-08-27

Sensors

Abstract:With the rapid development of mobile networks, there are more and more application scenarios that require group communication. For example, in mobile edge computing, group communication can be used to transmit messages to all group members with minimal resources. The group key directly affects the security of the group communication. Most existing group key agreement protocols are often flawed in performance, scalability, forward or backward secrecy, or single node failure. Therefore, this paper proposes a blockchain-based authentication and dynamic group key agreement protocol. With our protocol, each group member only needs to authenticate its left neighbor once to complete the authentication, which improved authentication efficiency. In addition, our protocol guarantees the forward secrecy of group members after joining the group and the backward secrecy of group members after leaving the group. Based on blockchain technology, we solve the problem of single node failure. Furthermore, we use mathematics to prove the correctness and security of our protocol, and the comparison to related protocols shows that our protocol reduces computation and communication costs.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Hung-Min Sun,Bing-Zhe He,Chien-Ming Chen,Tsu-Yang Wu,Chia-Hsien Lin,Huaxiong Wang

DOI: https://doi.org/10.1016/j.ins.2015.01.037

IF: 8.1

2015-01-01

Information Sciences

Abstract:Secure group communication over an untrusted open network is a continuing problem, especially in mobile environments. With the development of 3G networks and mobile computing technology, the number of group-oriented applications is increasing rapidly. Although these applications are convenient, achieving secure group communication to protect user privacy is a major concern. This study presents an authenticated group key agreement protocol for mobile environments. By using certificateless public key cryptography, the protocol reduces the cost of managing the certificates and avoids the key escrow problem. Instead of a fully-trusted server, the protocol uses a semi-trusted server, which helps users communicate but does not learn about the group key. The analytical results indicate that the proposed protocol provides good security in mobile environments.

Xuefei Cao,Lanjun Dang,Kai Fan,Xingwen Zhao,Yulong Fu,Yingzi Luan

DOI: https://doi.org/10.1109/jiot.2024.3406757

IF: 10.6

2024-08-25

IEEE Internet of Things Journal

Abstract:Authenticated group key agreement (AGKA) protocols protect the security of communications among a group of users. Dutta and Barua proposed a dynamic AGKA protocol, but it fails to the leaving user attacks and the attacks by two malicious users. In this article, we propose a dynamic AGKA protocol based on the computational Diffie-Hellman problem. The proposed AGKA protocol achieves sound dynamicity and efficiency. With 10 users in a group, the improvements in computation and communication overheads achieve 82.5% and 72.6%, respectively. Then the proposed AGKA protocol is applied to vehicular ad hoc network (VANET). SC-AGKA, a self-certified authentication and key agreement protocol for VANET is presented. Pseudonyms are employed with care in SC-AGKA to provide conditional privacy. It is suitable for SC-AGKA to protect the vehicular group communications in VANET considering its security strength and efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Daojing He,Chun Chen,Maode Ma,Sammy Chan,Jiajun Bu

DOI: https://doi.org/10.1002/dac.1355

2011-01-01

International Journal of Communication Systems

Abstract:SUMMARYPassword‐authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password‐authenticated group key exchange protocols. Furthermore, a secure and efficient password‐authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real‐world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd.

Qingfeng Cheng,Chuangui Ma

DOI: https://doi.org/10.48550/arXiv.1008.1221

2010-08-06

Abstract:In AFRICACRYPT 2010, Abdalla et al. first proposed a slight modification to the computations steps of the BD protocol, called mBD+P. Then they extended mBD+P protocol into mBD+S protocol. In this paper, we show that both of mBD+P and mBD+S protocols are vulnerable to malicious insiders attack. Further, we propose a simple countermeasure against this attack.

Cryptography and Security

Qiang Zhao,Zhuohua Li,John C.S. Lui

2023-12-07

Abstract:Quantum key distribution (QKD) protocols are essential to guarantee information-theoretic security in quantum communication. Although there was some previous work on quantum group key distribution, they still face many challenges under a ``\textit{dynamic}'' group communication scenario. In particular, when the group keys need to be updated in real-time for each user joining or leaving to ensure secure communication properties, i.e., forward confidentiality and backward confidentiality. However, current protocols require a large amount of quantum resources to update the group keys, and this makes them impractical for handling large and dynamic communication groups. In this paper, we apply the notion of ``{\em tree key graph}'' to the quantum key agreement and propose two dynamic Quantum Group Key Agreement (QGKA) protocols for a join or leave request in group communications. In addition, we analyze the quantum resource consumption of our proposed protocols. The number of qubits required per join or leave only increases logarithmically with the group size. As a result, our proposed protocols are more practical and scalable for large and dynamic quantum group communications.

Quantum Physics

Yi Sun,Qiaoyan Wen,Hongxiang Sun,Wenmin Li,Zhengping Jin,Hua Zhang

DOI: https://doi.org/10.1016/j.proeng.2011.12.731

2012-01-01

Procedia Engineering

Abstract:In traditional group key transfer protocol, the key generation center randomly selects a session key and then transports it that has been encrypted by another secret key. Afterwards, scholars construct authenticated key transfer protocols based on secret sharing instead of encryption algorithm. One typical protocol of this style is built by using the secret sharing scheme based on Language's interpolation polynomial. In this paper, we utilize an optimized secret sharing scheme instead of Language's interpolation polynomial. We provide mutual authentication to ensure that only the authorized group members can recover the right session key. What's more, all participants only need to store one secret share for all sessions. Besides, the change of the group members has no effect on the validity of the existing shares, which means the existing shares possess the excellent characteristic “one time assign, many times apply”.

Haomin Yang,Yaoxue Zhang,Yuezhi Zhou

DOI: https://doi.org/10.1109/ICCT.2012.6511182

2017-01-01

Abstract:Recently, Mokhtarnameh, Ho, Muthuvelu proposed a certificateless key agreement protocol. In this paper, we show that their protocol is unsecured against a man-in-the-middle attack. In addition, the authors claimed that their scheme provides a binding long-term public key with a corresponding partial private key. In fact, their protocol does not achieve the binding. We propose an improved key agreement protocol based on the protocol proposed by Mokhtarnameh et al. The improved protocol can resist the man-in-the-middle attack as well as satisfy the desired security properties for key agreement. It truly achieves the one-to-one correspondence between the long-term public key and the partial private key of a user. Compared with the other related protocols, the protocol has advantages in both security and computational efficiency.

Zhiguo Wan,Kui Ren,Wenjing Lou,Bart Preneel

DOI: https://doi.org/10.1109/WCNC.2008.459

2008-01-01

Abstract:Popularity of group oriented applications motivates research on security and privacy protection for group communications. A number of group key agreement protocols exploiting ID based cryptosystem have been proposed for this objective. Though bearing beneficial features like reduced management cost, private key delegation from ID based cryptosystem, they have not taken into account privacy issues during group communication. In wireless networks, the privacy problem becomes more crucial and urgent for mobile users due to the open nature of radio media. In this paper, we proposed an anonymous ID based group key agreement protocol for wireless networks. Based on ID based cryptosystem, our protocol not only benefits from the desirable features of ID based cryptosystem, but also provides privacy protection for mobile users. More important, in the proposed protocol, the computation cost for each group member is largely reduced to meet the computation capability restriction of mobile devices.

Qikun Zhang,Liang Zhu,Ruifang Wang,Jianyong Li,Junling Yuan,Tiancai Liang,Jun Zheng

DOI: https://doi.org/10.1002/int.22544

IF: 8.993

2021-06-22

International Journal of Intelligent Systems

Abstract:<p>Security communication and information sharing among mobile devices are important application technologies of the intelligent information system (IIS). Because IIS is vulnerable to attacks, so the security of information sharing among mobile devices is seriously threatened. Thence, it is necessary to establish a secure channel for communication among mobile devices of IIS over an opening network. Group key agreement (GKA) can establish a secure channel among mobile devices of IIS by encryption technology. Due to the resource-constraints of mobile devices, such as weak computing power, small storage capacity, and limited communication range. To address these issues, an asymmetric GKA protocol among terminals of IIS for mobile edge computing (GKA–IIS–MEC) network is proposed in this paper. Adopted asymmetric GKA to achieve the group secure communication mechanisms that message sender unfettered in this protocol; the protocol also uses edge computing environment to migrate the computation and communication loads of mobile devices of IIS to edge nodes, thereby ensuring that mobile devices have lightweight computation and communication loads; and the members participating in the GKA can verify whether the group session keys they calculated are correctness. Under the hardness assumption of bilinear inverse Diffie–Hellman problem, the proposed protocol is proven that it can resist negative attacks. After evaluating the performance of the protocol, GKA–IIS–MEC has higher efficiency than the referred works in terms of time cost, communication consumption, and computation consumption.</p>

computer science, artificial intelligence