Abstract
Secure communication within a large group of users, such as the participants in a phone or video conference, relies on the availability of secure data and efficient data transmission. Group key exchange protocols allow a (large) group of n users to establish a joint secret key which can then be used in symmetric systems to efficiently encrypt and decrypt messages to and from the group. To deal with varying constellations of the groups and to ensure key freshness, it is essential that the group key exchange protocol is efficient.
Most protocols are generalizations of two-party protocols like Diffie-Hellman key exchange. The Burmester and Desmedt I protocol establishes a key in a constant number of rounds, independent of the size of the group of users, with O(n) computation per user.
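To make the constant-round, O(n)-per-user structure of Burmester-Desmedt I concrete, here is an added simulation of the classical DL-based version (not code from the paper): two broadcast rounds, then every user computes the same key with n multiplications. The group parameters are assumed toy values for illustration only.

```python
import secrets

# Assumed toy safe-prime group (not from the paper): p = 2q + 1 with q prime,
# g = 4 generates the subgroup of prime order q. Real deployments use large groups.
P = 2039
Q = 1019
G = 4

def round1(r, p=P, g=G):
    """Round 1: every user U_i broadcasts z_i = g^{r_i} for its secret exponent r_i."""
    return [pow(g, ri, p) for ri in r]

def round2(r, z, p=P):
    """Round 2: every U_i broadcasts X_i = (z_{i+1} / z_{i-1})^{r_i}; indices wrap around the ring."""
    n = len(r)
    X = []
    for i in range(n):
        nxt, prv = z[(i + 1) % n], z[(i - 1) % n]
        X.append(pow(nxt * pow(prv, -1, p) % p, r[i], p))
    return X

def derive_key(i, r_i, z, X, p=P):
    """U_i computes K = z_{i-1}^{n r_i} * X_i^{n-1} * X_{i+1}^{n-2} * ... * X_{i+n-2}^{1}.
    The product telescopes to g^{r_1 r_2 + r_2 r_3 + ... + r_n r_1}, costing O(n) group operations."""
    n = len(z)
    K = pow(z[(i - 1) % n], n * r_i, p)
    for j in range(n - 1):
        K = K * pow(X[(i + j) % n], n - 1 - j, p) % p
    return K

def run_bd1(n, p=P, q=Q, g=G):
    """Simulate one run with n users; returns (per-user keys, the key all of them should share)."""
    r = [secrets.randbelow(q - 1) + 1 for _ in range(n)]   # fresh secret exponents
    z = round1(r, p, g)
    X = round2(r, z, p)
    keys = [derive_key(i, r[i], z, X, p) for i in range(n)]
    expected = pow(g, sum(r[i] * r[(i + 1) % n] for i in range(n)), p)
    return keys, expected

if __name__ == "__main__":
    keys, expected = run_bd1(6)
    print("all users agree:", keys.count(expected) == len(keys))
```

Note that the number of rounds stays at two regardless of n, while the message size and the key derivation grow linearly in n.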
After Joux’s proposal to use pairings to enable a one-round tripartite key exchange (KE), several extensions of existing group KE and authenticated key exchange (AKE) protocols were published. However, quite a few turned out to be flawed, and their complexity is often worse than that of the original scheme. In this paper we propose a new constant-round pairing-based group AKE protocol which requires a lower computational complexity per user than previous proposals. Furthermore, the scheme is particularly interesting for groups in which some members enjoy more computational power than others. The protocol is most efficient if these members constitute roughly half of the group.
We also provide a pairing-based version of the Burmester-Desmedt II group key exchange which runs in 3 rounds and requires only O(log n) computation and communication.
Both protocols are faster than any published pairing-based key exchange protocols. If the parameters are chosen appropriately so that the pairing computations are fast, the protocols can outperform the respective DL-based Burmester-Desmedt key exchange protocols.
References
Barua, R., Dutta, R., Sarkar, P.: Extending Joux’s protocol to multi party key agreement. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 205–217. Springer, Heidelberg (2003)
Barua, R., Dutta, R., Sarkar, P.: Provably secure authenticated tree based group key agreement protocol using pairing. In: López, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 92–104. Springer, Heidelberg (2004); (see also: ePrint archive, 2004/090)
Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptology 17, 297–319 (2004)
Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.-J.: Provably authenticated group Diffie-Hellman key exchange. In: Proc. 8th Annual ACM Conference on Computer and Communications Security, pp. 255–264 (2001)
Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)
Burmester, M., Desmedt, Y.: Efficient and secure conference key distribution. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 119–130. Springer, Heidelberg (1997)
Burmester, M., Desmedt, Y.: A secure and scalable group key exchange system. Information Processing Letters 94(3), 137–143 (2005)
Burmester, M., Desmedt, Y.: Identity-based Key Infrastructures (IKI). In: Security and Protection in Information Processing Systems – SEC 2004, pp. 167–176. Kluwer, Dordrecht (2004)
Choi, K.Y., Hwang, J.Y., Lee, D.H.: Efficient ID-based group key agreement with bilinear maps. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 130–144. Springer, Heidelberg (2004)
Desmedt, Y., Lange, T., Burmester, M.: Scalable Authenticated Tree Based Group Key Exchange for Ad-Hoc Groups. In: Financial Crypto 2007. LNCS, vol. 4886, pp. 104–118. Springer, Heidelberg (2007)
Du, X., Wang, Y., Ge, J., Wang, Y.: An improved ID-based authenticated group key agreement scheme. ePrint archive, 2003/260 (2003)
Frey, G., Müller, M., Rück, H.G.: The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems. IEEE Trans. Inform. Theory 45(5), 1717–1719 (1999)
Ingemarsson, I., Tang, D.T., Wong, C.W.: A conference key distribution system. IEEE Trans. Inform. Theory 28, 714–720 (1982)
Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000)
Just, M., Vaudenay, S.: Authenticated multi-party key agreement. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 36–49. Springer, Heidelberg (1996)
Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003), http://www.cs.umd.edu/~jkatz/research.html
Miyaji, A., Nakabayashi, M., Takano, S.: New Explicit Conditions of Elliptic Curve Traces for FR-Reduction. IEICE Trans. Fundamentals E84-A(5), 1234–1243 (2001)
Onete, C.: Elliptic Curves and Pairing Based Cryptosystems. Internship report, Technische Universiteit Eindhoven (2008)
Verheul, E.: Evidence that XTR Is More Secure than Supersingular Elliptic Curves Cryptosystems. J. Cryptology 17, 277–296 (2004)
© 2008 Springer-Verlag Berlin Heidelberg
Cite this paper
Desmedt, Y., Lange, T. (2008). Revisiting Pairing Based Group Key Exchange. In: Tsudik, G. (eds) Financial Cryptography and Data Security. FC 2008. Lecture Notes in Computer Science, vol 5143. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85230-8_5
DOI: https://doi.org/10.1007/978-3-540-85230-8_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85229-2
Online ISBN: 978-3-540-85230-8