Group Key Exchange over Combined Wired and Wireless Networks

  • Nam, Jung-Hyun (School of Information and Communication Engineering, Sungkyunkwan University)
  • Won, Dong-Ho (School of Information and Communication Engineering, Sungkyunkwan University)
  • Published : 2006.12.30

Abstract

A group key exchange protocol is a cryptographic primitive that describes how a group of parties communicating over a public network can come up with a common secret key. Due to its significance both in network security and cryptography, the design of secure and efficient group key exchange protocols has attracted many researchers' attention over the years. However, despite all the efforts undertaken, there seems to have been no previous systematic look at the growing problem of key exchange over combined wired and wireless networks, which consist of both stationary computers with sufficient computational capabilities and mobile devices with relatively restricted computing resources. In this paper, we present the first group key exchange protocol that is specifically designed to be well suited for this rapidly expanding network environment. Our construction is simple and efficient, and meets strong notions of security.
