
An efficient protocol for secure multicast key distribution in the presence of adaptive adversaries

Chinese title: A fast and efficient multicast key distribution protocol that resists adaptive attacks


Abstract

In this paper, an efficient construction of multicast key distribution schemes based on semantically secure symmetric-key encryption schemes and cryptographically strong pseudo-random number generators is presented and analyzed. The proposed scheme is provably secure against adaptive adversaries, using the security amplification technique defined over logical key hierarchy structures. Our protocol tolerates any coalition of revoked users; in particular, we do not assume any limit on the size or structure of the coalition. The proposed scheme is efficient: performing a Join or Leave procedure for N users in a session requires 2 log(N) multicast activities defined over a sibling ancestor node set, 2 log(N) internal state updates of the underlying pseudo-random number generator, and 2 log(N) symmetric-key encryption activities.

Abstract (Chinese version)

Key contributions

This paper proposes a fast multicast key distribution protocol based on a semantically secure symmetric-key encryption algorithm and a cryptographically secure pseudo-random number generator. Using the security amplification technique defined over the logical key tree structure, we prove that the proposed scheme resists adaptive attacks. The multicast key distribution protocol resists collusion attacks by revoked users; moreover, during a key update only the state of the pseudo-random function built into each node of the logical key tree needs to be refreshed. The computational complexity of the algorithm is therefore O(log(N)), where N is the number of users in the group.



Author information

Correspondence to Huafei Zhu.


About this article


Cite this article

Zhu, H. An efficient protocol for secure multicast key distribution in the presence of adaptive adversaries. Sci. China Inf. Sci. 60, 52109 (2017). https://doi.org/10.1007/s11432-014-0911-8


Keywords

  • adaptive adversary
  • multicast key distribution
  • pseudo-random number generator
  • semantic security
  • symmetric-key encryption

Keywords (Chinese version)

  • adaptive attack
  • multicast key distribution
  • pseudo-random number generator
  • semantic security
  • symmetric-key encryption algorithm