Contributory Password-Authenticated Group Key Exchange with Join Capability

Password-based authenticated group key exchange allows any group of users in possession of a low-entropy secret key to establish a common session key even in the presence of adversaries. In this paper, we propose a new generic construction of password-authenticated group key exchange protocol from any two-party password-authenticated key exchange with explicit authentication. Our new construction has several advantages when compared to existing solutions. First, our construction only assumes a common reference string and does not rely on any idealized models. Second, our scheme enjoys a simple and intuitive security proof in the universally composable framework and is optimal in the sense that it allows at most one password test per user instance. Third, our scheme also achieves a strong notion of security against insiders in that the adversary cannot bias the distribution of the session key as long as one of the players involved in the protocol is honest. Finally, we show how to easily extend our protocol to the dynamic case in a way that the costs of establishing a common key between two existing groups is significantly smaller than computing a common key from scratch.

[1]  Cynthia Dwork,et al.  Advances in Cryptology – CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III , 2020, Annual International Cryptology Conference.

[2]  Ran Canetti,et al.  Universally Composable Commitments , 2001, CRYPTO.

[3]  Georg Fuchsbauer,et al.  Strong Cryptography from Weak Secrets , 2010, AFRICACRYPT.

[4]  Jonathan Katz,et al.  A new framework for efficient password-based authenticated key exchange , 2010, CCS '10.

[5]  Mihir Bellare,et al.  Forward-Security in Private-Key Cryptography , 2003, CT-RSA.

[6]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[7]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[8]  Ran Canetti,et al.  Universal Composition with Joint State , 2003, CRYPTO.

[9]  Serge Vaudenay Public Key Cryptography - PKC 2005, 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005, Proceedings , 2005, Public Key Cryptography.

[10]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[11]  Yvo Desmedt,et al.  A secure and scalable Group Key Exchange system , 2005, Inf. Process. Lett..

[12]  David Pointcheval,et al.  Efficient Two-Party Password-Based Key Exchange Protocols in the UC Framework , 2008, CT-RSA.

[13]  Victor Shoup,et al.  A computational introduction to number theory and algebra , 2005 .

[14]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[15]  Jonathan Katz,et al.  Modeling insider attacks on group key-exchange protocols , 2005, CCS '05.

[16]  Craig Gentry,et al.  A Method for Making Password-Based Key Exchange Resilient to Server Compromise , 2006, CRYPTO.

[17]  Emmanuel Bresson,et al.  Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions , 2002, EUROCRYPT.

[18]  Yehuda Lindell,et al.  A Framework for Password-Based Authenticated Key Exchange , 2003, EUROCRYPT.

[19]  Rainer Steinwandt,et al.  Password-Authenticated Constant-Round Group Key Establishment with a Common Reference String , 2006, IACR Cryptol. ePrint Arch..

[20]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[21]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[22]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[23]  Kefei Chen,et al.  Advances in Cryptology - ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, China, December 3-7, 2006, Proceedings , 2006, ASIACRYPT.

[24]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[25]  Yehuda Lindell,et al.  Universally Composable Password-Based Key Exchange , 2005, EUROCRYPT.

[26]  Yehuda Lindell,et al.  Secure Computation Without Authentication , 2005, Journal of Cryptology.

[27]  Georg Fuchsbauer,et al.  Building Efficient PKE and IBE from Distributed Passwords , 2010 .

[28]  Bart Preneel Progress in Cryptology - AFRICACRYPT 2009, Second International Conference on Cryptology in Africa, Gammarth, Tunisia, June 21-25, 2009. Proceedings , 2009, AFRICACRYPT.

[29]  David Pointcheval,et al.  Smooth Projective Hashing for Conditionally Extractable Commitments , 2009, CRYPTO.

[30]  Shai Halevi Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings , 2009, CRYPTO.

[31]  Colin Boyd,et al.  Universally composable contributory group key exchange , 2009, ASIACCS '09.

[32]  Tal Malkin Topics in Cryptology - CT-RSA 2008, The Cryptographers' Track at the RSA Conference 2008, San Francisco, CA, USA, April 8-11, 2008. Proceedings , 2008, CT-RSA.

[33]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[34]  David Pointcheval,et al.  Distributed Public-Key Cryptography from Weak Secrets , 2009, Public Key Cryptography.

[35]  Tanja Lange,et al.  Progress in Cryptology - AFRICACRYPT 2010, Third International Conference on Cryptology in Africa, Stellenbosch, South Africa, May 3-6, 2010. Proceedings , 2010, AFRICACRYPT.

[36]  Stanislaw Jarecki,et al.  Public Key Cryptography – PKC 2009 , 2009, Lecture Notes in Computer Science.

[37]  Marc Joye,et al.  Topics in Cryptology — CT-RSA 2003 , 2003 .

[38]  Mihir Bellare,et al.  The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[39]  Rafail Ostrovsky,et al.  Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.

[40]  David Pointcheval,et al.  A Scalable Password-Based Group Key Exchange Protocol in the Standard Model , 2006, ASIACRYPT.

[41]  María Isabel González Vasco,et al.  (Password) Authenticated Key Establishment: From 2-Party to Group , 2007, TCC.

[42]  David Pointcheval,et al.  Password-Authenticated Group Key Agreement with Adaptive Security and Contributiveness , 2009, AFRICACRYPT.

[43]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[44]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.