KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

An Analysis of Group Key Agreement Schemes based on the Bellare-Rogaway Model in Multi-party Setting

  • Lim, Meng-Hui (School of Engineering, Yonsei University) ;
  • Goi, Bok-Min (Faculty of Engineering & Science, Tunku Abdul Rahman University) ;
  • Lee, Sang-Gon (Division of Computer and Information Engineering, Dongseo University)
  • Received : 2010.12.20
  • Accepted : 2011.03.05
  • Published : 2011.04.29
Download PDF
⟨ Previous Next ⟩

Abstract

Group key agreement protocols derive a shared secret key for a group of users to ensure data confidentiality or/and integrity among the users in the subsequent communications. In this paper, we inspect two group key agreement schemes which have been proposed by Shi et al. and Zheng et al. in 2005 and 2007 respectively. Although both schemes were claimed to be secure in a heuristic way, we reveal several flaws using the Bellare-Rogaway security model extended to multi-party setting by Bresson et al. These flaws are found to be originated from inappropriate selection of key derivation function, inadvertent exclusion of partners' identities from the protocol specification and insufficient consideration in preserving known temporary information security and key freshness properties. Furthermore, we suggest and discuss proper countermeasures to address such flaws.

Keywords

References

  1. G. Ateniese, M. Steiner and G. Tsudik, "New Multiparty Authentication Services and Key Agreement Protocols," Journal of Selected Areas in Communications, vol. 18, no. 4, pp. 1-13, 2009.
  2. M. Bellare, R. Canetti and H. Krawczyk, "A Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols," in J. Vitter (Ed.), Proc. 30th Annual ACM Symposium on the Theory of Computing, ACM STOC 1998, ACM Press, Dallas, Texas, USA, pp. 419-428, 1998.
  3. M. Bellare, D. Pointcheval and P. Rogaway, "Authenticated Key Exchange Secure against Dictionary Attacks," in B. Preneel (Ed.), Proc. International Conference on the Theory and Application of Cryptographic Techniques, Advances in Cryptology - EUROCRYPT 2000, Lecture Notes in Computer Science, vol. 1807, Springer-Verlag, Berlin/Heidelberg, Bruges, Belgium, pp. 139-155, 2000.
  4. M. Bellare and P. Rogaway, "Entity Authentication and Key Distribution," in D.R. Stinson (Ed.), Proc. 13th Annual International Cryptology Conference, Advances in Cryptology - CRYPTO 1993, Lecture Notes in Computer Science, vol. 773, Springer-Verlag, Santa Barbara, California, USA, pp. 232-249, 1993.
  5. M. Bellare and P. Rogaway, "Provably Secure Session Key Distribution - The Three Party Case," in F.T. Leighton, A. Borodin (Eds.), Proc. 27th ACM Symposium on the Theory of Computing, ACM STOC 1995, ACM Press, Las Vegas, Nevada, USA, pp. 57-66, 1995.
  6. S. Blake-Wilson, D. Johnson and A. Menezes, "Key Agreement Protocols and their Security Analysis," in M. Darnell (Ed.), Proc. 6th IMA International Conference on Cryptography and Coding, Lecture Notes in Computer Science, vol. 1355, Springer-Verlag, Cirencester, UK, pp. 30-45, 1997.
  7. S. Blake-Wilson and A. Menezes, "Authenticated Diffie-Hellman Key Agreement Protocols," in S.E. Tavares, H. Meijer (Eds.), Proc. 5th Annual Workshop on Selected Areas in Cryptography, SAC 1998, Lecture Notes in Computer Science, vol. 1556, Springer-Verlag, Atlanta, Georgia, USA, pp. 339-361, 1998.
  8. J.-M. Bohli, M.I.G. Vasco and R. Steinwandt, "Secure Group Key Establishment Revisited," International Journal of Information Security, vol. 6, no. 4, pp. 243-254, 2007. https://doi.org/10.1007/s10207-007-0018-x
  9. C. Boyd and J. M. González Nieto, "Round-optimal Contributory Conference Key Agreement," Public Key Cryptography (PKC 2003), Lecture Notes in Computer Science, Springer-Verlag, vol. 2567, pp. 161-174, 2003.
  10. E. Bresson, O. Chevassut, A. Essiari, and D. Pointcheval, "Mutual Authentication and Group Key Agreement for Low-Power Mobile Devices," Computer Communications, vol. 27, no. 17, pp. 1730-1737, 2004. https://doi.org/10.1016/j.comcom.2004.05.023
  11. E. Bresson, O. Chevassut and D. Pointcheval, "Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case," in C. Boyd (Ed.), Proc. 7th International Conference on the Theory and Application of Cryptology and Information Security, Advances in Cryptology - ASIACRYPT 2001, Lecture Notes in Computer Science, vol. 2248, Springer-Verlag, Gold Coast, Australia, pp. 290-309, 2001.
  12. E. Bresson, O. Chevassut, D. Pointcheval and J.-J. Quisquater, "Provably Authenticated Group Diffie-Hellman Key Exchange," in P. Samarati (Ed.), Proc. 8th ACM Conference on Computer and Communications Security, ACM CCS 2001, ACM Press, Philadelphia, Pennsylvania, USA, pp. 255-264, 2001.
  13. M. Burmester, "On the Risk of Opening Distributed Keys," in Y.G. Desmedt (Ed.), Proc. 14th Annual International Cryptology Conference, Advances in Cryptology - CRYPTO 1994, Lecture Notes in Computer Science, vol. 839, Springer-Verlag, Santa Barbara, California, USA, pp. 308-317, 1994.
  14. R. Canetti and H. Krawczyk, "Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels," in B. Pfitzmann (Ed.), Proc. International Conference on the Theory and Application of Cryptographic Techniques, Advances in Cryptology - EUROCRYPT 2001, Lecture Notes in Computer Science, vol. 2045, Springer-Verlag, Innsbruck, Austria, pp. 453-474, 2001.
  15. L. Chen, Q., Tang, "Bilateral Unknown Key-Share Attacks in Key Agreement Protocols," Journal of Universal Computer Science, vol. 14, no. 3, pp. 416-440, 2008.
  16. Z. Cheng, M. Nistazakis, R. Comley and L. Vasiu, "On the Indistinguishability-based Security Model of Key Agreement Protocols-Simple Cases," Cryptology ePrint Archive: Report 2005/129, 2005.
  17. K.-K.R. Choo, "Key Establishment : Proofs and Refutations," PhD thesis, Queensland University of Technology, 2006.
  18. K.-K.R. Choo, C. Boyd and Y. Hitchcock, "On Session Key Construction in Provably-Secure Key Establishment Protocols," in E. Dawson, S. Vaudenay (Eds.), Proc. 1st International Conference on Cryptology in Malaysia, Progress in Cryptology - MYCRYPT 2005, Lecture Notes in Computer Science, vol. 3715, Springer-Verlag, Kuala Lumpur, Malaysia, pp. 116-131, 2005.
  19. K.-K.R. Choo, C. Boyd and Y. Hitchcock, "Errors in Computational Complexity Proofs for Protocols," in B. Roy (Ed.), Proc. 11th International Conference on the Theory and Application of Cryptology and Information Security, Advances in Cryptology - ASIACRYPT 2005, Lecture Notes in Computer Science, vol. 3788, Springer-Verlag, Chennai, India, pp. 624-643, 2005.
  20. R. Dutta and R. Barua, "Provably Secure Constant Round Contributory Group Key Agreement in Dynamic Setting," IEEE Trans. on Information Theory, vol. 54, no. 5, pp. 2007-2025, 2008. https://doi.org/10.1109/TIT.2008.920224
  21. I. Ingemarsson,T.D. Tang and C.K. Wong, "A Conference Key Distribution System," IEEE Transactions of Information Theory, vol. 28, no. 5, pp. 714-719, 1982. https://doi.org/10.1109/TIT.1982.1056542
  22. M. Just and S. Vaudenay, "Authenticated Multi-Party Key Agreement," in K. Kim, T. Matsumoto (Eds.), Proc. 2nd International Conference on the Theory and Applications of Cryptology and Information Security, Advances in Cryptology - ASIACRYPT 1996, Lecture Notes in Computer Science, vol. 1163, Springer Berlin/Heidelberg, Gyeongju, Korea, pp. 36-49, 1996.
  23. B. LaMacchia, K. Lauter and A. Mityagin, "Stronger Security of Authenticated key Exchange," in W. Susilo, J.K. Liu, Y. Mu (Eds.), Proc. 1st International Conference, PROVSEC 2007, Lecture Notes in Computer Science, vol. 4784, Springer Berlin/Heidelberg, Wollongong, Australia, pp. 1-16, 2007.
  24. M.-H. Lim, C.-M. Yeoh, S. Lee, H. Lim and H. Lee, "A Secure and Efficient Three-Pass Authenticated Key Agreement Protocol Based on Elliptic Curves," in A. Das, H.K. Pung, F.B.S. Lee, L.W.C. Wong (Eds.), Proc. 7th International IFIP-TC6 Networking Conference, NETWORKING 2008, Lecture Notes in Computer Science, vol. 4982, Springer Berlin/Heidelberg, Singapore, pp. 170-182, 2008.
  25. J. Nam, S. Kim, and D. Won, "Attacks on Bresson-Chevassut-Essiari-Pointcheval's Group Key Agreement Scheme for Low-Power Mobile Devices," Cryptology ePrint Archive: Report 2004/251, 2004.
  26. O. Pereira and J.-J. Quisquater, "A Security Analysis of the Cliques Protocols Suites," in Proc. 14th IEEE Computer Security Foundations Workshop, CSFW 2001, IEEE Computer Society Press, Cape Breton, Nova Scotia, Canada, pp. 73-81, 2001.
  27. Y. Shi, G. Chen and J. Li, "ID-Based One Round Authenticated Group Key Agreement Protocol with Bilinear Pairings," in Proc. International Conference on Information Technology: Coding and Computing, ITCC 2005, vol. 1, IEEE Computer Society Press, Las Vegas, Nevada, USA, pp. 757-761, 2005.
  28. S. Zheng, S. Wang and G. Zhang, "A Dynamic, Secure and Efficient Group Key Agreement Protocol," Frontiers of Electrical and Electronic Engineering in China, vol. 2, no. 2, Higher Education Press co-published with Springer-Verlag GmbH, 182-185, 2007.
  29. L. Zhou, W. Susilo, and Y. Mu, "Efficient ID-Based Authenticated Group Key Agreement from Bilinear Pairings," MSN 2006, Lecture Notes in Computer Science, vol. 4325, Springer Berlin, pp. 521-532, 2006.

Cited by

  1. Face recognition system based on block Gabor feature collaborative representation vol.50, pp.5, 2016, https://doi.org/10.3103/s0146411616050102