Scalable attribute-based group key establishment: from passive to active and deniable

Original Paper


A protocol compiler is presented which transforms any unauthenticated (attribute-based) group key establishment protocol into an authenticated attribute-based group key establishment. If the protocol to which the compiler is applied does not make use of long-term secrets, then the resulting protocol is, in addition, deniable. In particular, applying our compiler to an unauthenticated 2-round protocol going back to Burmester and Desmedt results in a 3-round solution for attribute-based group key establishment, offering both forward secrecy and deniability.


Group key establishment, Deniability, Attribute-based key encapsulation, Attribute-based signature


Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. Florida Atlantic University, Boca Raton, USA
  2. University of Denver, Denver, USA
