Pitfalls in a server-aided authenticated group key establishment

Abstract: In this paper, we present a cryptanalysis of a recently proposed server-aided group key agreement scheme by Sun et al. The proposal is designed for mobile environments, in which a group of users aim at establishing a common secret key with the help of a semi-trusted server. In this scheme, authentication is achieved using certificateless public key cryptography. We show that the scheme does not achieve forward secrecy, is vulnerable to a known-session attack (which can, for instance, be mounted by a semi-honest server) and is not contributory, contrary to the authors' claim. Further security weaknesses in more restricted models (i.e., models in which stronger corruptions are allowed) are also discussed.

References

[1] Mihir Bellare et al. Authenticated Key Exchange Secure against Dictionary Attacks. EUROCRYPT, 2000.

[2] Kenneth G. Paterson et al. Certificateless Public Key Cryptography. 2003.

[3] Hung-Min Sun et al. A provable authenticated group key agreement protocol for mobile environment. Inf. Sci., 2015.

[4] Emmanuel Bresson et al. Mutual Authentication and Group Key Agreement for Low-Power Mobile Devices. MWCN, 2003.

[5] Jonathan Katz et al. Scalable Protocols for Authenticated Group Key Exchange. CRYPTO, 2003.

[6] Rainer Steinwandt et al. Secure group key establishment revisited. International Journal of Information Security, 2007.

[7] Yuh-Min Tseng et al. A revocable ID-based authenticated group key exchange protocol with resistant to malicious participants. Comput. Networks, 2012.

[8] Emmanuel Bresson et al. Malicious Participants in Group Key Exchange: Key Control and Contributiveness in the Shadow of Trust. ATC, 2007.

[9] Mihir Bellare et al. Entity Authentication and Key Distribution. CRYPTO, 1993.

[10] Jonathan Katz et al. Modeling insider attacks on group key-exchange protocols. CCS '05, 2005.

[11] Yuh-Min Tseng et al. A Secure ID-Based Authenticated Group Key Exchange Protocol Resistant to Insider Attacks. J. Inf. Sci. Eng., 2011.

[12] Xinyi Huang et al. Efficient and short certificateless signatures secure against realistic adversaries. The Journal of Supercomputing, 2011.

[13] David Pointcheval et al. Password-Based Authenticated Key Exchange in the Three-Party Setting. Public Key Cryptography, 2005.