Exploring robustness in group key agreement

Secure group communication is crucial for building distributed applications that work in dynamic environments and communicate over unsecured networks (e.g. the Internet). Key agreement is a critical part of providing security services for group communication systems. Most of the current contributory key agreement protocols are not designed to tolerate failures and membership changes during execution. In particular, nested or cascaded group membership events (such as partitions) are not accommodated. We present the first robust contributory key agreement protocols, resilient to any sequence of events while preserving the group communication membership and ordering guarantees.

[1]  Louise E. Moser,et al.  Extended virtual synchrony , 1994, 14th International Conference on Distributed Computing Systems.

[2]  Robbert van Renesse,et al.  Horus: a flexible group communication system , 1996, CACM.

[3]  Nancy A. Lynch,et al.  Specifying and using a partitionable group communication service , 1997, PODC '97.

[4]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[5]  Idit Keidar,et al.  Scalable group membership services for novel applications , 1997, Networks in Distributed Computing.

[6]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[7]  Gene Tsudik,et al.  Simple and fault-tolerant key agreement for dynamic collaborative groups , 2000, CCS.

[8]  Serge Vaudenay,et al.  Authenticated Multi-Party Key Agreement , 1996, ASIACRYPT.

[9]  Idit Keidar,et al.  A client-server oriented algorithm for virtually synchronous group membership in WANs , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[10]  Idit Keidar,et al.  Group communication specifications: a comprehensive study , 2001, CSUR.

[11]  Louise E. Moser,et al.  The SecureRing protocols for securing group communication , 1998, Proceedings of the Thirty-First Hawaii International Conference on System Sciences.

[12]  Yair Amir,et al.  A low latency, loss tolerant architecture and protocol for wide area group communication , 2000, Proceeding International Conference on Dependable Systems and Networks. DSN 2000.

[13]  Kenneth P. Birman,et al.  Exploiting virtual synchrony in distributed systems , 1987, SOSP '87.

[14]  Yair Amir,et al.  Transis: A Communication Sub-system for High Availability , 1992 .

[15]  Robbert van Renesse,et al.  Reliable Distributed Computing with the Isis Toolkit , 1994 .

[16]  Jon Crowcroft,et al.  Core Based Trees (CBT) An Architecture for Scalable Inter-Domain Multicast Routing , 1993, SIGCOMM 1993.

[17]  Louise E. Moser,et al.  The Totem single-ring ordering and membership protocol , 1995, TOCS.

[18]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[19]  Suvo Mittra,et al.  Iolus: a framework for scalable secure multicasting , 1997, SIGCOMM '97.

[20]  Yongdae Kim,et al.  Secure group communication in asynchronous networks with failures: integration and experiments , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[21]  Kenneth P. Birman,et al.  Bimodal multicast , 1999, TOCS.

[22]  Gene Tsudik,et al.  The design of a group key agreement API , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[23]  Tony Ballardie,et al.  Scalable Multicast Key Distribution , 1996, RFC.

[24]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[25]  Danny Dolev,et al.  Ensemble Security , 1998 .

[26]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[27]  Kenneth P. Birman,et al.  Building Secure and Reliable Network Applications , 1996 .

[28]  Yair Amir,et al.  Transis: a communication subsystem for high availability , 1992, [1992] Digest of Papers. FTCS-22: The Twenty-Second International Symposium on Fault-Tolerant Computing.

[29]  Yvo Desmedt,et al.  A Secure and Efficient Conference Key Distribution System (Extended Abstract) , 1994, EUROCRYPT.

[30]  Todd Montgomery,et al.  A High Performance Totally Ordered Multicast Protocol , 1994, Dagstuhl Seminar on Distributed Systems.

[31]  R. Poovendran,et al.  A distributed shared key generation procedure using fractional keys , 1998, IEEE Military Communications Conference. Proceedings. MILCOM 98 (Cat. No.98CH36201).

[32]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[33]  Whitfield Diffie,et al.  A Secure Audio Teleconference System , 1988, CRYPTO.

[34]  Yair Amir,et al.  Replication using group communication over a partitioned network (שכפול באמצעות תקשרת קבוצות מעל רשת דינמית.) , 1995 .

[35]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[36]  Gene Tsudik,et al.  New multiparty authentication services and key agreement protocols , 2000, IEEE Journal on Selected Areas in Communications.