Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case

Dynamic group Diffie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to workin a scenario in which the group membership is not known in advance but where parties may join and may also leave the multicast group at any given time. While several schemes have been proposed to deal with this scenario no formal treatment for this cryptographic problem has ever been suggested. In this paper, we define a security model for this problem and use it to precisely define Authenticated Key Exchange (AKE) with "implicit" authentication as the fundamental goal, and the entity-authentication goal as well. We then define in this model the execution of a protocol modified from a dynamic group Diffie-Hellman scheme offered in the litterature and prove its security.

[1]  William E. Johnston,et al.  The reality of collaboratories , 1998 .

[2]  Dan Boneh,et al.  The Decision Diffie-Hellman Problem , 1998, ANTS.

[3]  Serge Vaudenay,et al.  Authenticated Multi-Party Key Agreement , 1996, ASIACRYPT.

[4]  Priya Narasimhan,et al.  Consistent Object Replication in the external System , 1998, Theory Pract. Object Syst..

[5]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[6]  Whitfield Diffie,et al.  A Secure Audio Teleconference System , 1988, CRYPTO.

[7]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[8]  R. Varga,et al.  Proof of Theorem 1 , 1983 .

[9]  Olivier Chevassut,et al.  An integrated solution for secure group communication in wide-area networks , 2001, Proceedings. Sixth IEEE Symposium on Computers and Communications.

[10]  Gene Tsudik,et al.  Simple and fault-tolerant key agreement for dynamic collaborative groups , 2000, CCS.

[11]  Moni Naor,et al.  Number-theoretic constructions of efficient pseudo-random functions , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[12]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[13]  Moni Naor,et al.  Issues in Multicast Security: A Taxonomy and E cient Constructions , 1999, IEEE Conference on Computer Communications.

[14]  Yvo Desmedt,et al.  A Secure and Efficient Conference Key Distribution System (Extended Abstract) , 1994, EUROCRYPT.

[15]  Uta Wille,et al.  Communication complexity of group key distribution , 1998, CCS '98.

[16]  Gene Tsudik,et al.  New multiparty authentication services and key agreement protocols , 2000, IEEE Journal on Selected Areas in Communications.

[17]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[18]  Gene Tsudik,et al.  Di e-hellman key distribution extended to groups , 1996, CCS 1996.

[19]  Jean-Jacques Quisquater,et al.  A security analysis of the cliques protocols suites , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[20]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[21]  D. Boneh The Decision Diie-hellman Problem , 1998 .

[22]  Gene Tsudik,et al.  Diffie-Hellman key distribution extended to group communication , 1996, CCS '96.

[23]  Emmanuel Bresson,et al.  Provably authenticated group Diffie-Hellman key exchange , 2001, CCS '01.

[24]  Gene Tsudik,et al.  Communication-Efficient Group Key Agreement , 2001, SEC.

[25]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[26]  Jacques Stern,et al.  RSA-OAEP Is Secure under the RSA Assumption , 2001, Journal of Cryptology.

[27]  Steven McCanne,et al.  vic: a flexible framework for packet video , 1995, MULTIMEDIA '95.

[28]  TsudikGene,et al.  Key Agreement in Dynamic Peer Groups , 2000 .

[29]  Chak-Kuen Wong,et al.  A conference key distribution system , 1982, IEEE Trans. Inf. Theory.

[30]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[31]  Markus Jakobsson,et al.  Mutual Authentication for Low-Power Mobile Devices , 2002, Financial Cryptography.

[32]  Wen-Guey Tzeng,et al.  A Practical and Secure-Fault-Tolerant Conferenc-Key Agreement Protocol , 2000, Public Key Cryptography.

[33]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.