A distributed key management protocol for dynamic groups
3
Citation
19
Reference
10
Related Paper
Abstract:
With the popularity of group-oriented applications, secure and efficient communication among all group members has become a major issue. We propose a distributed key management protocol for group members to share a secret group key, which can be used to protect shared information. The protocol manages the group key of a dynamic group, where members can freely join or leave, and each time the key is updated using two broadcast messages. The protocol algorithms provide group key secrecy, forward group key secrecy, and backward group key secrecy. The complexities of the group key computation time, the storage space for every member, and the total communication bandwidth to update the group key are approximately of logarithmic order of the group size, which make the protocol attractive for environments with less computation power and smaller storage.Keywords:
Group key
Forward secrecy
Pre-shared key
Rekeying
Key-agreement protocol
With the popularity of group-oriented applications, secure and efficient communication among all group members has become a major issue. We propose a distributed key management protocol for group members to share a secret group key, which can be used to protect shared information. The protocol manages the group key of a dynamic group, where members can freely join or leave, and each time the key is updated using two broadcast messages. The protocol algorithms provide group key secrecy, forward group key secrecy, and backward group key secrecy. The complexities of the group key computation time, the storage space for every member, and the total communication bandwidth to update the group key are approximately of logarithmic order of the group size, which make the protocol attractive for environments with less computation power and smaller storage.
Group key
Forward secrecy
Pre-shared key
Rekeying
Key-agreement protocol
Cite
Citations (3)
Asymmetric group key agreement allows a group of users to negotiate a public encryption key that corresponds to several decryption keys, and each decryption key can only be computed by one group member. This novel notion ensures the confidentiality of communication among group members and allows any external entity to send messages to the group. However, the existing authenticated asymmetric group key agreement protocols are designed in identity-based cryptosystem or certificateless public key cryptosystem, which are not widely deployed. In this paper, we propose an efficient authenticated asymmetric group key agreement protocol. The protocol captures the security of secrecy, known-key security, key-compromise impersonation, unknown key-share and key control while being resistant to active attacks. The security of our protocol is reduced to the k-BDHE problem.
Group key
Forward secrecy
Key-agreement protocol
Key encapsulation
Security association
Cite
Citations (2)
In 2004, Hwang et al. proposed a group key exchange protocol for sharing a secure key in a group. Their protocol is an extension from the two party key exchange protocol to the group one. Recently, Jung-San Lee et al. noted that Hwang et al. group key exchange protocol has two security weaknesses. First, the forward secrecy is not confirmed in case that a new member joins the group and second, if a group member leaves the group, the backward secrecy is compromised. They proposed an improvement over this key exchange protocol in order to provide both forward and backward secrecy among group members. In this paper, we propose another improvement over Lee et al. key exchange, and we show that our key exchange protocol not only preservers both forward and backward secrecy, but also it is more efficient than their protocol when a member leaves the group. Finally, we give a formal analysis for the correctness of the proposed protocol via Scyther model checking tool.
Forward secrecy
Group key
Key-agreement protocol
Oakley protocol
Cite
Citations (0)
Popularity of group-oriented applications motivates research on security protection for group communications. A number of group key agreement protocols have been proposed for this objective, but most current group key agreement protocols do not consider privacy protection. Group key agreement protocols for networks should also handle dynamic group membership events such as user join and leave events. The Join and Leave Protocols provide backward and forward secrecy respectively. In this paper, we proposed a new anonymous group key agreement protocol based on ID-based encryption cryptosystems. The proposed protocol not only benefits from the desirable features of ID-based cryptosystem, but also provides privacy protection for users. The proposed protocol achieves the following security attribute: anonymity, unlinkability, group key secrecy, group forward secrecy, group backward secrecy, perfect forward secrecy for the group session key and entity authentication.
Group key
Forward secrecy
Session key
Key-agreement protocol
Cite
Citations (0)
To meet the increasing popularity of secure group-oriented computing, this paper proposed an efficient group key agreement scheme-PAGKA. It combines the merit of key tree and Pairings-based key exchange, and involves members' long-term keys and session random in the group key to avoid dependence on signature or MAC. The PAGKA protocol suite is communication efficient, and has the following cryptographic properties such as key independence, implicit key authentication, perfect forward secrecy and resistance to known-key attacks and man-in-the-middle attacks. The idea in PAGKA can be used as a general method to extend authenticated two-party key agreement protocol to group settings.
Forward secrecy
Group key
Session key
Key-agreement protocol
Authenticated Key Exchange
Pre-shared key
Oakley protocol
Cite
Citations (0)
SUMMARY A fault‐tolerant group key agreement is an essential infrastructure for Internet communication among all involved participants; it can establish a secure session key no matter how many malicious participants exit simultaneously in an effort to disrupt the key agreement process. Recently, Zhao et al . proposed an efficient fault‐tolerant group key agreement protocol named efficient group key agreement that can resist denial‐of‐service attacks, reply attacks, man‐in‐middle attacks, and common modulus attacks; it can also preserve forward secrecy with lower computational cost than previous protocols. We show that it is still vulnerable to active attacks by malicious participants and modify the corresponding security weakness adaptively. Furthermore, we propose an efficient fault‐tolerant group key agreement based on a binary tree structure and enhance it to a dynamic setting where participants can leave or join the group arbitrarily according to their preferences with instant session key refreshment. Additionally, our session key refreshment is based on secure key updating to protect forward/backward confidentiality and is resistant to active/passive attacks. The performance analysis shows that our proposed protocol has lower computational cost and little additional communication cost exploiting dynamic setting. Copyright © 2013 John Wiley & Sons, Ltd.
Forward secrecy
Group key
Key-agreement protocol
Session key
Cite
Citations (14)
A Group Key Agreement (GKA) protocol is necessary for establishing a group key among all of the group members over a public network. The protocol presents a fundamental challenge in secure and efficient group communications. Without the disadvantages of centralized method, Contributory Group Key Agreement (CGKA) is more suitable for dynamic groups. Recently, a Dynamic Asymmetric Group Key Agreement (DASGKA) protocol is proposed base on CGKA. The protocol allows dynamic joining or leaving solution to enhance efficiency in ad hoc networks. In this paper, we focus on the problem of the establishment of the group key. We propose a secure contributory group key agreement protocol based on ring structure. As a member joining or leaving the group, there are more designs about secure transmission and precise verification. Moreover, the issues about passive attack, unknown key-share, key freshness, contributiveness, backward secrecy and forward secrecy were analyzed in this paper. The results of the paper show that our protocol provides more robust and secure group communication.
Group key
Forward secrecy
Key-agreement protocol
Pre-shared key
Cite
Citations (2)
As there is growth in the need of applications such as video conferencing and interactive chatting, secure group communication is an important research area. Security in these applications is necessary to provide services like privacy, data-integrity, and non-repudiation to group members. A naive way to achieve security in such groups is to have a secret key among every node. This task is achieved by means of a contributory group key agreement protocol that each member directly contributes to key management and generation. In 2007, Heo et al. [4] proposed certificateless authenticated group key agreement (CAGKA) protocol. While their protocol provides efficient communication and computation complexity, it does not provide (perfect) forward secrecy desired for a secure group key agreement protocol. In this paper, a certificateless authenticated group key agreement protocol is proposed based on CCEGK and EAGKA. The proposed protocol also satisfies security requirements and is suitable for dynamic membership events.
Group key
Forward secrecy
Key-agreement protocol
Cite
Citations (19)
Many emerging network applications are based upon a group communication model. In a peer-to-peer or ad-hoc network which do not have a previously agreed upon common secret key, communication is susceptible to eavesdropping, Hence a secure distributed group key agreement is required to establish and authenticate a common group key for secure and private communication. This paper presents an authenticated distributed collaborative key agreement for dynamic peer groups. The protocol is distributed in nature in which there is no centralized key server, collaborative in nature in which the group key is contributory, dynamic in nature in which existing members may leave the group while new members may join. Instead of performing individual rekeying an interval-based approach is used. The Queue-batch algorithm used for rekeying substantially reduces the computation and communication cost. Key authentication provided focuses on security improvement.
Rekeying
Group key
Key-agreement protocol
Eavesdropping
Pre-shared key
Security association
Cite
Citations (5)
Secure group communications are more prone to attacks as compared to the conventional one to one communication. Every client in a group can be seen as a single source of attack, therefore it is important to design a robust security scheme that will protect all the individual clients and hence the entire group. In this paper a novel security architecture has been presented, that provides a secure group key generation and transfer protocol that is based on ICMetrics. The salient features of the protocol include a single collaborative key generation scheme that is initiated through client authentication. Also provided is a rekeying procedure that is important in maintaining the freshness of the key and offers perfect forward secrecy. The above features are based on the use of ICMetrics to provide a security protocol that is scalable and secure. The presented protocol has been simulated for varying group population sizes using C++ and Maple. The resulting running times for various stages of the protocol have been studied.
Rekeying
Group key
Forward secrecy
Key generation
Key-agreement protocol
Cite
Citations (1)