Two-round ID-based Group Key Agreement Fitted for Pay-TV System

(Korean title) An ID-based Two-Round Group Key Agreement Protocol Suitable for Pay-TV Systems

  • Published : 2005.02.01

Abstract

A group key agreement protocol allows a group of users to share a key which may later be used to achieve certain cryptographic goals. In this paper, we propose a new scalable two-round ID-based group key agreement protocol which is well fitted to a Pay-TV system and, additionally, to the fields of internet stock quotes, audio and music delivery, software updates and the like. Our protocol improves the three-round group key agreement protocol of Nam et al., upgrading its computational efficiency by using the batch verification technique from pairing-based cryptography. Our protocol also simplifies the key agreement procedures by utilizing an ID-based system. We prove the security of our protocol under the Computational Diffie-Hellman assumption and the Bilinear Decisional Diffie-Hellman assumption, and we analyze its efficiency.

A group key agreement protocol is designed so that multiple communicating participants forming a group can establish a group session key securely and efficiently over an open network. In this paper we propose an ID-based two-round group key agreement protocol suitable for group-oriented applications and services such as pay-TV systems, and prove its security in the random oracle model under the CDH assumption and the BDDH assumption. The proposed protocol is designed on the basis of the three-round group key agreement protocol proposed by Nam: it simplifies the key management procedures by using an identity-based cryptosystem, and it shortens the key transport messages and provides combinatorial simplicity by using a new authentication mechanism. In addition, the proposed protocol further improves efficiency by verifying the authentication of the transmitted messages with a batch technique.

References

  1. B.-M. Macq and J.-J. Quisquater, 'Cryptology for Digital TV Broadcasting,' Proc. of the IEEE, 83(6):944-957, 1995
  2. A. Fiat and M. Naor, 'Broadcast Encryption,' Advances in Cryptology-Crypto'93, LNCS 773, pp. 480-491, Springer Verlag, 1994
  3. C. Blundo, Luiz A. Frota Mattos and D.R. Stinson, 'Generalized Beimel-Chor Schemes for Broadcast Encryption and Interactive Key Distribution,' Theoretical Computer Science, Vol. 200, pp. 313-334, 1998 https://doi.org/10.1016/S0304-3975(98)80007-8
  4. C. Blundo, Luiz A. Frota Mattos and D.R. Stinson, 'Trade-offs Between Communication and Storage in Unconditionally Secure Schemes for Broadcast Encryption and Interactive Key Distribution,' Advances in Cryptology-Crypto'96, LNCS 1109, pp. 387-400, 1996
  5. D. Lee, H. Kim and J. Lim, 'Efficient Public-Key Traitor Tracing in Provably Secure Broadcast Encryption with Unlimited Revocation Capability,' KoreaCrypto'02, 2003
  6. D. Boneh and M. Franklin, 'An Efficient Public-Key Traitor Tracing Scheme,' Crypto'99, LNCS 1666, pp. 338-353, 1999
  7. Y. Mu and V. Varadharajan, 'Robust and Secure Broadcasting,' Advances in Cryptology-Indocrypt'01, LNCS 2247, pp. 223-231, Springer-Verlag, 2001
  8. A. Wool, 'Key Management for Encrypted Broadcast,' Proc. of the 5th ACM conference on Computer and Communications Security, pp. 7-16, Springer-Verlag, 1998
  9. Y. Mu, W. Susilo and Y.-X. Lin, 'Identity-Based Broadcasting,' Advances in Cryptology-Indocrypt'03, LNCS 2904, pp. 177-190, Springer-Verlag, 2003
  10. A. Narayanan, C.P. Rangan, and K. Kim, 'Practical Pay TV schemes,' Proc. of the 9th Australasian Conference on Information Security and Privacy, LNCS 2727, pp. 192-203, Springer-Verlag, 2003
  11. A. Shamir, 'Identity-based Cryptosystems and Signature Schemes,' Advances in Cryptology-Crypto'84, LNCS 196, pp. 47-53, Springer-Verlag, 1984
  12. W. Diffie, P. van Oorschot, and M. Wiener, 'Authentication and Authenticated Key Exchanges,' Designs, Codes and Cryptography, 2(2):107-125, 1992 https://doi.org/10.1007/BF00124891
  13. G. Ateniese, M. Steiner, and G. Tsudik, 'New Multiparty Authentication Services and Key Agreement Protocols,' IEEE Journal on Selected Areas in Communications, 18(4):628-639, 2000 https://doi.org/10.1109/49.839937
  14. C. J. Mitchell, M. Ward, and P. Wilson, 'Key Control in Key Agreement Protocols,' Electronics Letters, 34(10):980-981, 1998 https://doi.org/10.1049/el:19980686
  15. I. Ingemarsson, D. Tang, and C. Wong, 'A Conference Key Distribution System,' IEEE Transactions on Information Theory, 28(5):714-720, 1982 https://doi.org/10.1109/TIT.1982.1056542
  16. G.H. Chiou and W.-T. Chen, 'Secure Broadcasting Using the Secure Lock,' IEEE Transactions on Software Engineering, 15(8):929-934, 1989 https://doi.org/10.1109/32.31350
  17. M. Burmester and Y. Desmedt, 'A Secure and Efficient Conference Key Distribution System,' Advances in Cryptology-Eurocrypt'94, LNCS 950, pp. 275-286, Springer-Verlag, 1994
  18. M. Just and S. Vaudenay, 'Authenticated Multi-party Key Agreement,' Advances in Cryptology-Asiacrypt'96, LNCS 1163, pp. 36-49, Springer-Verlag, 1996
  19. K. Becker and U. Wille, 'Communication Complexity of Group Key Distribution,' Proc. of 5th ACM Conference on Computer and Communications Security, pp. 1-6, Springer-Verlag, 1998
  20. Y. Kim, A. Perrig, and G. Tsudik, 'Simple and Fault-tolerant Key Agreement for Dynamic Collaborative Groups,' Proc. of the 7th ACM Conference on Computer and Communications Security, pp. 235-244, Springer-Verlag, 2000
  21. M. Steiner, G. Tsudik, and M. Waidner, 'Key Agreement in Dynamic Peer Groups,' IEEE Transactions on Parallel and Distributed Systems, 11(8): 769-780, 2000 https://doi.org/10.1109/71.877936
  22. W.G. Tzeng and Z.J. Tzeng, 'Round-efficient Conference Key Agreement Protocols with Provable Security,' Advances in Cryptology-Asiacrypt'00, LNCS 1976, pp. 614-627, Springer-Verlag, 2000
  23. Y. Kim, A. Perrig, and G. Tsudik, 'Communication-efficient Group Key Agreement,' Proc. of International Federation for Information Processing, LNCS 1163, pp. 229-244, Springer-Verlag, 2001
  24. 박영호, 이경현, 'Group Key Management Architecture in Mobile Network Environments,' Journal of the Korea Institute of Information Security and Cryptology, 12(2), pp. 89-100, 2002
  25. 이상원, 천정희, 김용대, 'Tree-based Group Key Agreement Protocol Using Pairing,' Journal of the Korea Institute of Information Security and Cryptology, 13(3), pp. 101-110, 2003
  26. 박영희, 정병천, 이윤호, 김희열, 이재원, 윤현수, 'A Scalable Hierarchical Group Key Establishment Protocol Using Diffie-Hellman Key Exchange,' Journal of the Korea Institute of Information Security and Cryptology, 13(5), pp. 3-15, 2003
  27. E. Bresson, O. Chevassut, D. Pointcheval, and J.-J. Quisquater, 'Provably Authenticated Group Diffie-Hellman Key Exchange,' Proc. of the 8th ACM Conference on Computer and Communications Security, pp. 255-264, Springer-Verlag, 2001
  28. E. Bresson, O. Chevassut, and D. Pointcheval, 'Provably Authenticated Group Diffie-Hellman Key Exchange the Dynamic Case,' Advances in Cryptology-Asiacrypt'01, LNCS 2248, pp. 290-309, Springer-Verlag, 2001
  29. E. Bresson, O. Chevassut, and D. Pointcheval, 'Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions,' Advances in Cryptology-Eurocrypt'02, LNCS 2332, pp. 321-336, Springer-Verlag, 2002
  30. C. Boyd and J.M.G. Nieto, 'Round-optimal Contributory Conference Key Agreement,' Proc. of the 6th International Workshop on Practice and Theory in Public Key Cryptography, LNCS 2567, pp. 161-174, 2003
  31. J. Katz and M. Yung, 'Scalable Protocols for Authenticated Group Key Exchange,' Advances in Cryptology-Crypto'03, LNCS 2729, pp. 110-125, Springer-Verlag, 2003
  32. K.Y. Choi, J.Y. Hwang, and D.H. Lee, 'Efficient ID-based Group Key Agreement with Bilinear Maps,' Proc. of the 7th International Workshop on Practice and Theory in Public Key Cryptography, LNCS 2947, pp. 130-134, Springer-Verlag, 2004
  33. F. Zhang and X. Chen, 'Attack on Two ID-based Authenticated Group Key Agreement Schemes,' Cryptology ePrint Archive, Report 2003/256, available at iacr.org/2003/256/
  34. E. Bresson, O. Chevassut, A. Essiari and D. Pointcheval, 'Mutual authentication and group key agreement for low-power mobile devices,' Computer Communications, vol. 27(17), 2004, pp. 1730-1737, A preliminary version appeared in Proc. of the 5th IFIPTC6/IEEE International Conference on Mobile and Wireless Communications Networks (MWCN 03), pp. 59-62, 2003
  35. J. Nam, S. Kim and D. Won, 'An Attack on Bresson-Chevassut-Essiari-Pointcheval's Group Key Agreement Scheme for Low-Power Mobile Devices,' Cryptology ePrint Archive, Report 2004/251, available at iacr.org/2004/251/
  36. A. Joux, 'A One Round Protocol for Tripartite Diffie-Hellman,' In W. Bosma, editor, Proc. of Algorithmic Number Theory Symposium, LNCS 1838, pp. 385-394, Springer-Verlag, 2000
  37. D. Boneh and M. Franklin, 'Identity-Based Encryption from the Weil Pairing,' Proc. of Crypto'01, LNCS 2139, pp. 213-229, Springer-Verlag, 2001
  38. D. Boneh, B. Lynn, H. Shacham, 'Short Signatures from the Weil Pairing,' Advances in Cryptology-Asiacrypt'01, Springer-Verlag, 2001
  39. D. Nalla and K.C. Reddy, 'Identity Based Authenticated Group Key Agreement Protocol,' Proc. of Indocrypt'02, LNCS 2551, pp. 215-233, Springer-Verlag, 2002
  40. N.P. Smart. 'An Identity-based Authenticated Key Agreement Protocol based on the Weil Pairing,' Electronics Letters, 38(13):630-632, 2002 https://doi.org/10.1049/el:20020387
  41. F. Zhang, S. Liu and K. Kim, 'ID-based One Round Authenticated Tripartite Key Agreement Protocols with Pairings,' Cryptology ePrint Archive, Report 2002/122, available at iacr.org/2002/122/
  42. H. Kim, S. Kim, D. Won, 'ID-Based Partially Blind Signature under GDH Group,' Proc. of the 20th International Conference on Number Theory for Secure Communications, pp. 159, 2003
  43. S. S. Al-Riyami, K. G. Paterson, 'Certificateless Public Key Cryptography,' Advances in Cryptology-Asiacrypt'03, LNCS 2784, Springer Verlag, 2003
  44. R. Barua, R. Dutta and P. Sarkar, 'Extending Joux's Protocol to Multi Party Key Agreement,' Proc. of Indocrypt'03, LNCS 2904, pp. 205-217, Springer-Verlag, 2003
  45. J. Nam, S. Kim, S. Kim, and D. Won, 'Provably-secure and Communication-efficient Scheme for Dynamic Group Key Exchange,' Cryptology ePrint Archive, Report 2004/115, available at iacr.org/2004/115/
  46. J. Nam, J. Lee, S. Kim, and D. Won, 'DDH-based Group Key Agreement for Mobile Computing,' Cryptology e-Print Archive, Report 2004/127, available at iacr.org/2004/127/
  47. J. Cheon, Y. Kim, and H. Yoon, 'A New ID-based Signature with Batch Verification,' Cryptology ePrint Archive, Report 2004/131, available at iacr.org/2004/131/