, 43:137 | Cite as

Provably secure group key management scheme based on proxy re-encryption with constant public bulletin size and key derivation time

  • Gaurav PareekEmail author
  • B R Purushothama


Users share a group key to decrypt encryptions for the group using a group key management scheme. In this paper, we propose a re-encryption-based group key management scheme, which uses a unidirectional proxy re-encryption scheme with special properties to enable group members share the updated group key with minimum storage and computation overhead. In particular, we propose a proxy re-encryption scheme that supports direct re-encryption key derivation using intermediate re-encryption keys. Unlike multi-hop re-encryption, the proposed proxy re-encryption scheme does not involve repeated re-encryption of the message. All the computations are done on the re-encryption key level and only one re-encryption is sufficient for making the group key available to the users. The proposed scheme is the first for group key management based on proxy re-encryption that is secure against collusion. The individual users store just one individual secret key with group key derivation requiring O\((\log N)\) computation steps for a group of N users. Size of the public bulletin maintained to facilitate access to the most recent group key for off-line members is O(N) and remains constant with respect to the number of group updates. The proposed group key management scheme confronts attacks by a non-member and even a collusion attack under standard cryptographic assumptions.


Group key management collusion-secure proxy re-encryption logical key hierarchy re-encryption key derivation multi-cast security 



This work is supported by the Ministry of Human Resource Development, Government of India.


  1. 1.
    Wong C K, Gouda M and Lam S S 2000 Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8(1): 16–30CrossRefGoogle Scholar
  2. 2.
    Chen Y R, Tygar J D and Tzeng W G 2011 Secure group key management using uni-directional proxy re-encryption schemes. In: Proceedings of the 2011 IEEE International Conference on Computer Communications, INFOCOM’11, pp. 1952–1960Google Scholar
  3. 3.
    Ateniese G, Fu K, Green M and Hohenberger S 2006 Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9(1): 1–30CrossRefzbMATHGoogle Scholar
  4. 4.
    Blaze M, Bleumer G and Strauss M 1998 Divertible protocols and atomic proxy cryptography. In: Advances in Cryptology—EUROCRYPT’98, pp. 127–144Google Scholar
  5. 5.
    Chen Y R and Tzeng W G 2012 Efficient and provably-secure group key management scheme using key derivation. In: Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 295–302Google Scholar
  6. 6.
    Atallah M J, Blanton M, Fazio N and Frikken K B 2009 ACM Transactions on Information and System Security. ACM Trans. Inf. Syst. Secur. 12(3): 18:1–18:43CrossRefGoogle Scholar
  7. 7.
    Shao J, Liu P, Cao Z and Wei G 2011 Multi-use unidirectional proxy re-encryption. In: Proceedings of the IEEE International Conference on Communications (ICC), pp. 1–5Google Scholar
  8. 8.
    Wang H, Cao Z and Wang L 2010 Multi-use and unidirectional identity-based proxy re-encryption schemes. Inf. Sci. 180(20): 4042–4059MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Sherman A T and McGrew D A 2003 Key establishment in large dynamic groups using one-way function trees. IEEE Trans. Softw. Eng. 29(5): 444–458CrossRefGoogle Scholar
  10. 10.
    Canetti R, Garay J, Itkis G, Micciancio D, Naor M and Pinkas B 1999 Multicast security: a taxonomy and some efficient constructions. In: Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’99), vol. 2, pp. 708–716Google Scholar
  11. 11.
    Chiu Y P, Lei C L and Huang C Y 2005 Secure multicast using proxy encryption. In: Proceedings of the 7th International Conference on Information and Communications Security, ICICS 2005, pp. 280–290Google Scholar
  12. 12.
    Han Y, Gui X, Wu X and Yang X 2011 Proxy encryption based secure multicast in wireless mesh networks. J. Netw. Comput. Appl. 34(2): 469–477CrossRefGoogle Scholar
  13. 13.
    Huang C Y, Chiu Y P, Chen K T and Lei C L 2007 Secure multicast in dynamic environments. Comput. Netw. 51(10): 2805–2817CrossRefzbMATHGoogle Scholar
  14. 14.
    Hur J, Shin Y and Yoon H 2007 Decentralized group key management for dynamic networks using proxy cryptography. In: Proceedings of the 3rd ACM Workshop on QoS and Security for Wireless and Mobile Networks, pp. 123–129Google Scholar
  15. 15.
    Mittra S 1997 Iolus: a framework for scalable secure multicasting. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, SIGCOMM’ 97, pp. 277–288Google Scholar
  16. 16.
    Mukherjee R and Atwood J W 2007 Scalable solutions for secure group communications. Comput. Netw. 51(12): 3525–3548CrossRefzbMATHGoogle Scholar
  17. 17.
    Li X S, Yang Y R, Gouda M G and Lam S S 2001 Batch rekeying for secure group communications. In: Proceedings of the Tenth International Conference on World Wide Web, pp. 525–534Google Scholar
  18. 18.
    Sun Y and Liu K J R 2007 Hierarchical group access control for secure multicast communications. IEEE/ACM Trans. Netw. 15(6): 1514–1526CrossRefGoogle Scholar
  19. 19.
    Penrig A, Song D and Tygar D 2001 Elk, a new protocol for efficient large-group key distribution. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 247–262Google Scholar
  20. 20.
    Hur J, Shin Y and Yoon H 2007 Decentralized group key management for dynamic networks using proxy cryptography. In: Proceedings of the Third ACM Workshop on QoS and Security for Wireless and Mobile Networks, pp. 123–129Google Scholar
  21. 21.
    Ivan A and Dodis Y 2003 Proxy cryptography revisited. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) Google Scholar
  22. 22.
    Ku W C and Chen S M 2003 An improved key management scheme for large dynamic groups using one-way function trees. In: Proceedings of the International Conference on Parallel Processing Workshops, pp. 391–396Google Scholar
  23. 23.
    Dan B and Franklin M 2001 Identity-based encryption from the weil pairing. In: Advances in Cryptology-CRYPTO’01, pp. 213–229Google Scholar
  24. 24.
    Dan B and Franklin M 2003 Identity-based encryption from the weil pairing. SIAM J. Comput. 32(3): 586–615MathSciNetCrossRefzbMATHGoogle Scholar
  25. 25.
    Dodis Y and Yampolskiy A 2005 A verifiable random function with short proofs and keys. In: Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography, pp. 416–431Google Scholar

Copyright information

© Indian Academy of Sciences 2018

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringNational Institute of Technology GoaFarmagudiIndia

Personalised recommendations