Password-Authenticated Group Key Exchange: A Cross-Layer Design

Two-party password-authenticated key exchange (2PAKE) protocols provide a natural mechanism for secret key establishment in distributed applications, and they have been extensively studied in past decades. However, only a few efforts have been made so far to design password-authenticated group key exchange (GPAKE) protocols. In a 2PAKE or GPAKE protocol, it is assumed that short passwords are preshared among users. This assumption, however, would be impractical in certain applications. Motivated by this observation, this article presents a GPAKE protocol without the password sharing assumption. To obtain the passwords, wireless devices, such as smart phones, tablets, and laptops, are used to extract short secrets at the physical layer. Using the extracted secrets, users in our protocol can establish a group key at higher layers with light computation consumptions. Thus, our GPAKE protocol is a cross-layer design. Additionally, our protocol is a compiler, that is, our protocol can transform any provably secure 2PAKE protocol into a GPAKE protocol with only one more round of communications. Besides, the proposed protocol is proved secure in the standard model.

[1]  M. Ylianttila,et al.  Group Key Establishment for Enabling Secure Multicast Communication in Wireless Sensor Networks Deployed for IoT Applications , 2015, IEEE Access.

[2]  Alfredo De Santis,et al.  Secure group communication schemes for dynamic heterogeneous distributed computing , 2017, Future Gener. Comput. Syst..

[3]  Ratna Dutta,et al.  Password-based Encrypted Group Key Agreement , 2006, Int. J. Netw. Secur..

[4]  Sneha Kumar Kasera,et al.  Secret Key Extraction from Wireless Signal Strength in Real Environments , 2009, IEEE Transactions on Mobile Computing.

[5]  Kui Ren,et al.  Cooperative Secret Key Generation from Phase Estimation in Narrowband Fading Channels , 2011, IEEE Journal on Selected Areas in Communications.

[6]  David Pointcheval,et al.  Contributory Password-Authenticated Group Key Exchange with Join Capability , 2011, CT-RSA.

[7]  Qiang Tang,et al.  Secure Password-Based Authenticated Group Key Agreement for Data-Sharing Peer-to-Peer Networks , 2006, ACNS.

[8]  Emmanuel Bresson,et al.  Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks , 2002, ASIACRYPT.

[9]  Wade Trappe,et al.  Radio-telepathy: extracting a secret key from an unauthenticated wireless channel , 2008, MobiCom '08.

[10]  Prasant Mohapatra,et al.  Exploiting Multiple-Antenna Diversity for Shared Secret Key Generation in Wireless Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[11]  Albert Y. Zomaya,et al.  Big Data Privacy in the Internet of Things Era , 2014, IT Professional.

[12]  Hai Su,et al.  Fast and scalable secret key generation exploiting channel phase randomness in wireless networks , 2011, 2011 Proceedings IEEE INFOCOM.

[13]  Jinjun Chen,et al.  HireSome-II: Towards Privacy-Aware Cross-Cloud Service Composition for Big Data Applications , 2015, IEEE Transactions on Parallel and Distributed Systems.

[14]  Wade Trappe,et al.  ProxiMate: proximity-based secure pairing using ambient wireless signals , 2011, MobiSys '11.

[15]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[16]  Jonathan Katz,et al.  Scalable Protocols for Authenticated Group Key Exchange , 2003, Journal of Cryptology.

[17]  Yvo Desmedt,et al.  A Secure and Efficient Conference Key Distribution System (Extended Abstract) , 1994, EUROCRYPT.

[18]  Feng Hao,et al.  The Fairy-Ring Dance: Password Authenticated Key Exchange in a Group , 2015, IoTPTS@AsiaCCS.

[19]  Robert H. Deng,et al.  n PAKE + : A Hierarchical Group Password-Authenticated Key Exchange Protocol Using Different Passwords , 2007, ICICS.

[20]  Chun Chen,et al.  A secure and efficient password‐authenticated group key exchange protocol for mobile ad hoc networks , 2013, Int. J. Commun. Syst..

[21]  Rafail Ostrovsky,et al.  Efficient and secure authenticated key exchange using weak passwords , 2009, JACM.

[22]  Sherali Zeadally,et al.  Comparative study of trust and reputation systems for wireless sensor networks , 2013, Secur. Commun. Networks.

[23]  David Pointcheval,et al.  Password-Authenticated Group Key Agreement with Adaptive Security and Contributiveness , 2009, AFRICACRYPT.

[24]  Alfredo De Santis,et al.  Modeling energy-efficient secure communications in multi-mode wireless mobile devices , 2015, J. Comput. Syst. Sci..

[25]  Emmanuel Bresson,et al.  Password-Based Group Key Exchange in a Constant Number of Rounds , 2006, Public Key Cryptography.

[26]  Dong Hoon Lee,et al.  Efficient Password-Based Group Key Exchange , 2004, TrustBus.

[27]  Jinjun Chen,et al.  External integrity verification for outsourced big data in cloud and IoT: A big picture , 2015, Future Gener. Comput. Syst..

[28]  Alfredo De Santis,et al.  An Energy-Aware Framework for Reliable and Secure End-to-End Ubiquitous Data Communications , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[29]  Jie Wu,et al.  An efficient group key management scheme for mobile ad hoc networks , 2009, Int. J. Secur. Networks.

[30]  David Pointcheval,et al.  A Scalable Password-Based Group Key Exchange Protocol in the Standard Model , 2006, ASIACRYPT.

[31]  Jinjun Chen,et al.  DLSeF , 2016, ACM Trans. Embed. Comput. Syst..

[32]  María Isabel González Vasco,et al.  (Password) Authenticated Key Establishment: From 2-Party to Group , 2007, TCC.

[33]  Marco Gruteser,et al.  This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY 1 Key Agreement Algorithms for Vehicular Communicatio , 2022 .