A new strong security model for stateful authenticated group key exchange

Stateful authenticated group key exchange (stAGKE) is an important class of authenticated group key exchange (AGKE) that includes, for example, tree-based AGKE. In a new stAGKE session, the computation of either the ephemeral public key or the session key may be based on the ephemeral secret state from some previously established session. We notice that earlier AGKE models may not be able to provide appropriate security arguments for stAGKE. In this work, a new model is proposed for stAGKE to formulate its security properties, in particular resistance to leakage attacks on ephemeral keys. Of independent interest, the new model is also flexible: it can be used to analyze either stateless or stateful AGKE protocols. We show the validity of our model by introducing a new tree-based protocol construction for stAGKE. The proposed scheme is proven secure in our newly proposed model without random oracles.
