
International Journal of Information Security, Volume 17, Issue 4, pp 423–440

A new strong security model for stateful authenticated group key exchange

  • Zheng Yang
  • Chao Liu
  • Wanping Liu
  • Daigu Zhang
  • Song Luo
Regular Contribution

Abstract

Stateful authenticated group key exchange (stAGKE) represents an important class of authenticated group key exchange (AGKE) protocols, such as tree-based AGKE. The computation of either the ephemeral public key or the session key in a new stAGKE session may be based on the ephemeral secret state from some previously established session. We notice that earlier AGKE models may not be able to provide appropriate security arguments for stAGKE. In this work, a new model is proposed for stAGKE to formulate security properties, in particular resistance to leakage attacks on ephemeral keys. Of independent interest, the new model is also flexible: it can be used for analyzing either stateless or stateful AGKE protocols. We show the validity of our model by introducing a new tree-based protocol construction for stAGKE. The proposed scheme is proven secure in our newly proposed model without random oracles.

Keywords

Stateful group key exchange; Dynamic group key exchange; Tree-based group key exchange; Security model; Ephemeral key leakage

Mathematics Subject Classification

94A60 

Notes

Acknowledgements

This study was supported by the National Natural Science Foundation of China (Grant Nos. 11647097, 11547148 and 61503052), the Research Project of Humanities and Social Sciences of the Ministry of Education of China (Grant Nos. 16YJC870018, 15YJC790061 and 16JDSZ2019) and the Scientific and Technological Research Program of Chongqing Municipal Education Commission (Grant Nos. KJ1500918, KJ1600928 and KJ1600932).

Copyright information

© Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  • Zheng Yang (1, 2)
  • Chao Liu (2)
  • Wanping Liu (2)
  • Daigu Zhang (2)
  • Song Luo (2)

  1. Department of Computer Science, University of Helsinki, Helsinki, Finland
  2. School of Computer Science and Engineering, Chongqing University of Technology, Chongqing, China
