Flexible Group Key Exchange with On-demand Computation of Subgroup Keys

Modern multi-user communication systems, including popular instant messaging tools, social network platforms, and cooperative-work applications, offer flexible forms of communication and exchange of data. At any time point concurrent communication sessions involving different subsets of users can be invoked. The traditional tool for achieving security in a multi-party communication environment are group key exchange (GKE) protocols that provide participants with a secure group key for their subsequent communication. Yet, in communication scenarios where various user subsets may be involved in different sessions the deployment of classical GKE protocols has clear performance and scalability limitations as each new session should be preceded by a separate execution of the protocol. The motivation of this work is to study the possibility of designing more flexible GKE protocols allowing not only the computation of a group key for some initial set of users but also efficient derivation of independent secret keys for all potential subsets. In particular we improve and generalize the recently introduced GKE protocols enabling on-demand derivation of peer-to-peer keys (so called GKE+P protocols). We show how a group of users can agree on a secret group key while obtaining some additional information that they can use on-demand to efficiently compute independent secret keys for any possible subgroup. Our security analysis relies on the Gap Diffie-Hellman assumption and uses random oracles.

[1]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[2]  Chak-Kuen Wong,et al.  A conference key distribution system , 1982, IEEE Trans. Inf. Theory.

[3]  Whitfield Diffie,et al.  A Secure Audio Teleconference System , 1988, CRYPTO.

[4]  Shafi Goldwasser,et al.  Advances in Cryptology — CRYPTO’ 88: Proceedings , 1990, Lecture Notes in Computer Science.

[5]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[6]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[7]  Yvo Desmedt,et al.  Efficient and Secure Conference-Key Distribution , 1996, Security Protocols Workshop.

[8]  Gene Tsudik,et al.  Diffie-Hellman key distribution extended to group communication , 1996, CCS '96.

[9]  Moti Yung,et al.  Secure protocol transformation via “expansion”: from two-party to groups , 1999, CCS '99.

[10]  Emmanuel Bresson,et al.  Provably authenticated group Diffie-Hellman key exchange , 2001, CCS '01.

[11]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[12]  Pil Joong Lee,et al.  Advances in Cryptology — ASIACRYPT 2001 , 2001, Lecture Notes in Computer Science.

[13]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[14]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[15]  Emmanuel Bresson,et al.  Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions , 2002, EUROCRYPT.

[16]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[17]  Colin Boyd,et al.  Protocols for Authentication and Key Establishment , 2003, Information Security and Cryptography.

[18]  Alexandra Boldyreva,et al.  Efficient threshold signature, multisignature and blind signature schemes based on the Gap-Diffie-Hellman-Group signature scheme , 2002 .

[19]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[20]  Dong Hoon Lee,et al.  Constant-Round Authenticated Group Key Exchange for Dynamic Groups , 2004, ASIACRYPT.

[21]  Gene Tsudik,et al.  Tree-based group key agreement , 2004, TSEC.

[22]  Gene Tsudik,et al.  Group key agreement efficient in communication , 2004, IEEE Transactions on Computers.

[23]  Colin Boyd,et al.  Examining Indistinguishability-Based Proof Models for Key Establishment Protocols , 2005, ASIACRYPT.

[24]  A. Maximov,et al.  Fast computation of large distributions and its cryptographic applications , 2005 .

[25]  Jonathan Katz,et al.  Modeling insider attacks on group key-exchange protocols , 2005, CCS '05.

[26]  Jonathan Katz,et al.  Scalable Protocols for Authenticated Group Key Exchange , 2003, Journal of Cryptology.

[27]  Emmanuel Bresson,et al.  Password-Based Group Key Exchange in a Constant Number of Rounds , 2006, Public Key Cryptography.

[28]  Aggelos Kiayias,et al.  Public Key Cryptography - PKC 2006 , 2006, Lecture Notes in Computer Science.

[29]  Mark Manulis,et al.  Security-Focused Survey on Group Key Exchange Protocols , 2006, IACR Cryptol. ePrint Arch..

[30]  Mark Manulis,et al.  Survey on Security Requirements and Models for Group Key Exchange , 2006, IACR Cryptol. ePrint Arch..

[31]  María Isabel González Vasco,et al.  (Password) Authenticated Key Establishment: From 2-Party to Group , 2007, TCC.

[32]  Jörg Schwenk,et al.  On Security Models and Compilers for Group Key Exchange Protocols , 2007, IWSEC.

[33]  Dongho Won,et al.  Constant-Round Authenticated Group Key Exchange with Logarithmic Computation Complexity , 2007, ACNS.

[34]  Kristin E. Lauter,et al.  Stronger Security of Authenticated Key Exchange , 2006, ProvSec.

[35]  Emmanuel Bresson,et al.  Malicious Participants in Group Key Exchange: Key Control and Contributiveness in the Shadow of Trust , 2007, ATC.

[36]  Juan Manuel González Nieto,et al.  Modeling key compromise impersonation attacks on group key exchange protocols , 2008, TSEC.

[37]  Emmanuel Bresson,et al.  Contributory group key exchange in the presence of malicious participants , 2008, IET Inf. Secur..

[38]  Tanja Lange,et al.  Revisiting Pairing Based Group Key Exchange , 2008, Financial Cryptography.

[39]  Dong Hoon Lee,et al.  Parallel Key Exchange , 2008, J. Univers. Comput. Sci..

[40]  Yuefei Zhu,et al.  Constant-Round Password-Based Authenticated Key Exchange Protocol for Dynamic Groups , 2008, Financial Cryptography.

[41]  Emmanuel Bresson,et al.  Securing group key exchange against strong corruptions , 2008, ASIACCS '08.

[42]  Gautam Biswas,et al.  Diffie-Hellman technique: extended to multiple two-party keys and one multi-party key , 2008, IET Inf. Secur..

[43]  Mark Manulis Group Key Exchange Enabling On-Demand Derivation of Peer-to-Peer Keys , 2009, ACNS.

[44]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.

[45]  Masakatsu Nishigaki,et al.  Advances in Information and Computer Security - 6th International Workshop, IWSEC 2011, Tokyo, Japan, November 8-10, 2011. Proceedings , 2011, IWSEC.