Two Attacks on Dutta's Dynamic Group Key Agreement Protocol

Ratna Dutta and Rana Barua proposed a dynamic group key agreement protocol with constant round referred to as DGKA protocol. They claimed that the DGKA protocol is dynamic, efficient and provably secure under DDH assumption. In this paper, we analyze the security of the DGKA protocol and discovered its vulnerable nature towards two attacks. The first attack relates to the fact that this protocol does not satisfy the key independence property which is crucial for dynamic group key agreement protocol. The second one is an impersonation attack which demonstrates that the DGKA protocol is vulnerable to replay attacks.

[1]  Emmanuel Bresson,et al.  Mutual authentication and group key agreement for low-power mobile devices , 2003, Comput. Commun..

[2]  Gene Tsudik,et al.  Simple and fault-tolerant key agreement for dynamic collaborative groups , 2000, CCS.

[3]  Gene Tsudik,et al.  Diffie-Hellman key distribution extended to group communication , 1996, CCS '96.

[4]  Colin Boyd,et al.  Round-Optimal Contributory Conference Key Agreement , 2003, Public Key Cryptography.

[5]  Emmanuel Bresson,et al.  Constant Round Authenticated Group Key Agreement via Distributed Computation , 2004, Public Key Cryptography.

[6]  Emmanuel Bresson,et al.  Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions , 2002, EUROCRYPT.

[7]  Emmanuel Bresson,et al.  Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case , 2001, ASIACRYPT.

[8]  Ratna Dutta,et al.  Provably Secure Constant Round Contributory Group Key Agreement in Dynamic Setting , 2008, IEEE Transactions on Information Theory.

[9]  Emmanuel Bresson,et al.  Provably authenticated group Diffie-Hellman key exchange , 2001, CCS '01.

[10]  Gene Tsudik,et al.  Tree-based group key agreement , 2004, TSEC.

[11]  Jonathan Katz,et al.  Scalable Protocols for Authenticated Group Key Exchange , 2003, CRYPTO.

[12]  Ratna Dutta,et al.  Constant Round Dynamic Group Key Agreement , 2005, ISC.

[13]  Dong Hoon Lee,et al.  Constant-Round Authenticated Group Key Exchange for Dynamic Groups , 2004, ASIACRYPT.

[14]  Ratna Dutta,et al.  Extending Joux's Protocol to Multi Party Key Agreement (Extended Abstract) , 2003, INDOCRYPT.

[15]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[16]  Ratna Dutta,et al.  Pairing-Based Cryptographic Protocols : A Survey , 2004, IACR Cryptol. ePrint Arch..

[17]  Yvo Desmedt,et al.  A Secure and Efficient Conference Key Distribution System (Extended Abstract) , 1994, EUROCRYPT.