A Framework for Robust Group Key Agreement

Considering a protocol of Tseng, we show that a group key agreement protocol that resists attacks by malicious insiders in the authenticated broadcast model, loses this security when it is transfered into an unauthenticated point-to-point network with the protocol compiler introduced by Katz and Yung. We develop a protocol framework that allows to transform passively secure protocols into protocols that provide security against malicious insiders and active adversaries in an unauthenticated point-to-point network and, in contrast to existing protocol compilers, does not increase the number of rounds. Our protocol particularly uses the session identifier to achieve the security. By applying the framework to the Burmester-Desmedt protocol we obtain a new 2 round protocol that is provably secure against active adversaries and malicious participants.

[1]  Emmanuel Bresson,et al.  Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case , 2001, ASIACRYPT.

[2]  Victor Shoup,et al.  On Formal Models for Secure Key Exchange , 1999, IACR Cryptol. ePrint Arch..

[3]  Kim-Kwang Raymond Choo,et al.  Security Requirements for Key Establishment Proof Models: Revisiting Bellare-Rogaway and Jeong-Katz-Lee Protocols , 2005, ACISP.

[4]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[5]  Colin Boyd,et al.  On Session Identifiers in Provably Secure Protocols: The Bellare-Rogaway Three-Party Key Distribution Protocol Revisited , 2004, SCN.

[6]  Yuh-Min Tseng A Robust Multi-Party Key Agreement Protocol Resistant to Malicious Participants , 2005, Comput. J..

[7]  Colin Boyd,et al.  Examining Indistinguishability-Based Proof Models for Key Establishment Protocols , 2005, ASIACRYPT.

[8]  Jonathan Katz,et al.  Modeling insider attacks on group key-exchange protocols , 2005, CCS '05.

[9]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[10]  Chih-Hung Li,et al.  Conference Key Agreement from Secret Sharing , 1999, ACISP.

[11]  Chak-Kuen Wong,et al.  A conference key distribution system , 1982, IEEE Trans. Inf. Theory.

[12]  Jonathan Katz,et al.  Scalable Protocols for Authenticated Group Key Exchange , 2003, CRYPTO.

[13]  Rainer Steinwandt,et al.  Password-Authenticated Constant-Round Group Key Establishment with a Common Reference String , 2006, IACR Cryptol. ePrint Arch..

[14]  Wen-Guey Tzeng,et al.  A Practical and Secure-Fault-Tolerant Conferenc-Key Agreement Protocol , 2000, Public Key Cryptography.

[15]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[16]  Dieter Gollmann Insider Fraud (Position Paper) , 1998, Security Protocols Workshop.

[17]  Wen-Guey Tzeng,et al.  Round-Efficient Conference Key Agreement Protocols with Provable Security , 2000, ASIACRYPT.

[18]  Emmanuel Bresson,et al.  Provably authenticated group Diffie-Hellman key exchange , 2001, CCS '01.

[19]  Michael Steiner,et al.  Secure group key agreement , 2002 .

[20]  Rainer Steinwandt,et al.  Secure group key establishment revisited , 2007, International Journal of Information Security.

[21]  Yvo Desmedt,et al.  A Secure and Efficient Conference Key Distribution System (Extended Abstract) , 1994, EUROCRYPT.