Scalable Compilers for Group Key Establishment: Two/Three Party to Group

This work presents the first scalable, efficient and generic compilers to construct group key exchange (GKE) protocols from two/three party key exchange (2-KE/3-KE) protocols. We propose three different compilers: the first is a 2-KE to GKE compiler (2-TGKE) for tree topology, the second is also for tree topology but from 3-KE to GKE (3-TGKE), and the third is a compiler that constructs a GKE from 3-KE for circular topology. Our compilers 2-TGKE and 3-TGKE are the first of their kind and are efficient due to the underlying tree topology. For the circular topology, we design a compiler called 3-CGKE. The 2-TGKE and 3-TGKE compilers require a total of O(n lg n) communication, compared to the existing compiler for circular topology, where the communication cost is O ` n . By extending the compilers 2-TGKE and 3-TGKE using the techniques in [18], scalable compilers for tree based authenticated group key exchange protocols (2-TAGKE/3-TAGKE), which are secure against active adversaries, can be constructed. As an added advantage, our compilers can be used in a setting where there is asymmetric distribution of computing power. Finally, we present a constant round authenticated group key exchange (2-TAGKE) obtained by applying the Diffie-Hellman protocol and the technique in [18] to our compiler 2-TGKE. We prove the security of our compilers in a stronger Real or Random model and do not assume the existence of random oracles.

[1] Victor Shoup, et al. On Formal Models for Secure Key Exchange, 1999, IACR Cryptol. ePrint Arch.

[2] Dong Hoon Lee, et al. Efficient ID-based Group Key Agreement with Bilinear Maps, 2004, Public Key Cryptography.

[3] Colin Boyd, et al. Round-Optimal Contributory Conference Key Agreement, 2003, Public Key Cryptography.

[4] Jonathan Katz, et al. Scalable Protocols for Authenticated Group Key Exchange, 2003, Journal of Cryptology.

[5] Chak-Kuen Wong, et al. A conference key distribution system, 1982, IEEE Trans. Inf. Theory.

[6] Hugo Krawczyk, et al. SKEME: a versatile secure key exchange mechanism for Internet, 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[7] Hugo Krawczyk, et al. Security Analysis of IKE's Signature-Based Key-Exchange Protocol, 2002, CRYPTO.

[8] Paul C. van Oorschot, et al. Authentication and authenticated key exchanges, 1992, Des. Codes Cryptogr.

[9] Serge Vaudenay, et al. Authenticated Multi-Party Key Agreement, 1996, ASIACRYPT.

[10] Moti Yung, et al. Systematic Design of Two-Party Authentication Protocols, 1991, CRYPTO.

[11] Dong Hoon Lee, et al. Scalable key exchange transformation: from two-party to group, 2004.

[12] Hugo Krawczyk, et al. A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract), 1998, STOC '98.

[13] Yvo Desmedt, et al. A Secure and Efficient Conference Key Distribution System (Extended Abstract), 1994, EUROCRYPT.

[14] Ying Wang, et al. An Improved ID-based Authenticated Group Key Agreement Scheme, 2003, IACR Cryptol. ePrint Arch.

[15] Yvo Desmedt, et al. Efficient and Secure Conference-Key Distribution, 1996, Security Protocols Workshop.

[16] Hugo Krawczyk, et al. Universally Composable Notions of Key Exchange and Secure Channels, 2002, EUROCRYPT.

[17] Jonathan Katz, et al. Modeling insider attacks on group key-exchange protocols, 2005, CCS '05.

[18] Ratna Dutta, et al. Extending Joux's Protocol to Multi Party Key Agreement (Extended Abstract), 2003, INDOCRYPT.

[19] Emmanuel Bresson, et al. Provably authenticated group Diffie-Hellman key exchange, 2001, CCS '01.

[20] Whitfield Diffie, et al. New Directions in Cryptography, 1976, IEEE Trans. Inf. Theory.

[21] Tanja Lange, et al. Scalable Authenticated Tree Based Group Key Exchange for Ad-Hoc Groups, 2006, Financial Cryptography.

[22] Ratna Dutta, et al. Provably Secure Authenticated Tree Based Group Key Agreement, 2004, ICICS.

[23] Yuefei Zhu, et al. Constant-Round Password-Based Authenticated Key Exchange Protocol for Dynamic Groups, 2008, Financial Cryptography.

[24] Tanja Lange, et al. Revisiting Pairing Based Group Key Exchange, 2008, Financial Cryptography.

[25] Wieb Bosma, et al. Algorithmic number theory: 4th International Symposium, ANTS-IV, Leiden, the Netherlands, July 2-7, 2000: proceedings, 2000.

[26] Jörg Schwenk, et al. On Security Models and Compilers for Group Key Exchange Protocols, 2007, IWSEC.

[27] Hugo Krawczyk, et al. Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels, 2001, EUROCRYPT.

[28] Yvo Desmedt, et al. A secure and scalable Group Key Exchange system, 2005, Inf. Process. Lett.

[29] Moti Yung, et al. Secure protocol transformation via “expansion”: from two-party to groups, 1999, CCS '99.

[30] David Pointcheval, et al. Password-Based Authenticated Key Exchange in the Three-Party Setting, 2005, Public Key Cryptography.

[31] María Isabel González Vasco, et al. (Password) Authenticated Key Establishment: From 2-Party to Group, 2007, TCC.