Skip to main content
SpringerLink
Log in

Provably secure group key management scheme based on proxy re-encryption with constant public bulletin size and key derivation time

  • Published:
Sādhanā Aims and scope Submit manuscript

Abstract

Users share a group key to decrypt encryptions for the group using a group key management scheme. In this paper, we propose a re-encryption-based group key management scheme, which uses a unidirectional proxy re-encryption scheme with special properties to enable group members share the updated group key with minimum storage and computation overhead. In particular, we propose a proxy re-encryption scheme that supports direct re-encryption key derivation using intermediate re-encryption keys. Unlike multi-hop re-encryption, the proposed proxy re-encryption scheme does not involve repeated re-encryption of the message. All the computations are done on the re-encryption key level and only one re-encryption is sufficient for making the group key available to the users. The proposed scheme is the first for group key management based on proxy re-encryption that is secure against collusion. The individual users store just one individual secret key with group key derivation requiring O\((\log N)\) computation steps for a group of N users. Size of the public bulletin maintained to facilitate access to the most recent group key for off-line members is O(N) and remains constant with respect to the number of group updates. The proposed group key management scheme confronts attacks by a non-member and even a collusion attack under standard cryptographic assumptions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6

Similar content being viewed by others

Notes

  1. \(\log _d N\) for a d-ary key tree. Key-trees of degree 2 are the most common.

References

  1. Wong C K, Gouda M and Lam S S 2000 Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8(1): 16–30

    Article  Google Scholar 

  2. Chen Y R, Tygar J D and Tzeng W G 2011 Secure group key management using uni-directional proxy re-encryption schemes. In: Proceedings of the 2011 IEEE International Conference on Computer Communications, INFOCOM’11, pp. 1952–1960

  3. Ateniese G, Fu K, Green M and Hohenberger S 2006 Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9(1): 1–30

    Article  MATH  Google Scholar 

  4. Blaze M, Bleumer G and Strauss M 1998 Divertible protocols and atomic proxy cryptography. In: Advances in Cryptology—EUROCRYPT’98, pp. 127–144

  5. Chen Y R and Tzeng W G 2012 Efficient and provably-secure group key management scheme using key derivation. In: Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 295–302

  6. Atallah M J, Blanton M, Fazio N and Frikken K B 2009 ACM Transactions on Information and System Security. ACM Trans. Inf. Syst. Secur. 12(3): 18:1–18:43

    Article  Google Scholar 

  7. Shao J, Liu P, Cao Z and Wei G 2011 Multi-use unidirectional proxy re-encryption. In: Proceedings of the IEEE International Conference on Communications (ICC), pp. 1–5

  8. Wang H, Cao Z and Wang L 2010 Multi-use and unidirectional identity-based proxy re-encryption schemes. Inf. Sci. 180(20): 4042–4059

    Article  MathSciNet  MATH  Google Scholar 

  9. Sherman A T and McGrew D A 2003 Key establishment in large dynamic groups using one-way function trees. IEEE Trans. Softw. Eng. 29(5): 444–458

    Article  Google Scholar 

  10. Canetti R, Garay J, Itkis G, Micciancio D, Naor M and Pinkas B 1999 Multicast security: a taxonomy and some efficient constructions. In: Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’99), vol. 2, pp. 708–716

  11. Chiu Y P, Lei C L and Huang C Y 2005 Secure multicast using proxy encryption. In: Proceedings of the 7th International Conference on Information and Communications Security, ICICS 2005, pp. 280–290

  12. Han Y, Gui X, Wu X and Yang X 2011 Proxy encryption based secure multicast in wireless mesh networks. J. Netw. Comput. Appl. 34(2): 469–477

    Article  Google Scholar 

  13. Huang C Y, Chiu Y P, Chen K T and Lei C L 2007 Secure multicast in dynamic environments. Comput. Netw. 51(10): 2805–2817

    Article  MATH  Google Scholar 

  14. Hur J, Shin Y and Yoon H 2007 Decentralized group key management for dynamic networks using proxy cryptography. In: Proceedings of the 3rd ACM Workshop on QoS and Security for Wireless and Mobile Networks, pp. 123–129

  15. Mittra S 1997 Iolus: a framework for scalable secure multicasting. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, SIGCOMM’ 97, pp. 277–288

  16. Mukherjee R and Atwood J W 2007 Scalable solutions for secure group communications. Comput. Netw. 51(12): 3525–3548

    Article  MATH  Google Scholar 

  17. Li X S, Yang Y R, Gouda M G and Lam S S 2001 Batch rekeying for secure group communications. In: Proceedings of the Tenth International Conference on World Wide Web, pp. 525–534

  18. Sun Y and Liu K J R 2007 Hierarchical group access control for secure multicast communications. IEEE/ACM Trans. Netw. 15(6): 1514–1526

    Article  Google Scholar 

  19. Penrig A, Song D and Tygar D 2001 Elk, a new protocol for efficient large-group key distribution. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 247–262

  20. Hur J, Shin Y and Yoon H 2007 Decentralized group key management for dynamic networks using proxy cryptography. In: Proceedings of the Third ACM Workshop on QoS and Security for Wireless and Mobile Networks, pp. 123–129

  21. Ivan A and Dodis Y 2003 Proxy cryptography revisited. In: Proceedings of the Network and Distributed System Security Symposium (NDSS)

  22. Ku W C and Chen S M 2003 An improved key management scheme for large dynamic groups using one-way function trees. In: Proceedings of the International Conference on Parallel Processing Workshops, pp. 391–396

  23. Dan B and Franklin M 2001 Identity-based encryption from the weil pairing. In: Advances in Cryptology-CRYPTO’01, pp. 213–229

  24. Dan B and Franklin M 2003 Identity-based encryption from the weil pairing. SIAM J. Comput. 32(3): 586–615

    Article  MathSciNet  MATH  Google Scholar 

  25. Dodis Y and Yampolskiy A 2005 A verifiable random function with short proofs and keys. In: Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography, pp. 416–431

Download references

Acknowledgements

This work is supported by the Ministry of Human Resource Development, Government of India.

Author information

Author notes

    Authors and Affiliations

    1. Department of Computer Science and Engineering, National Institute of Technology Goa, Farmagudi, Ponda, 403401, India

      Gaurav Pareek & B R Purushothama

    Authors
    1. Gaurav Pareek
      View author publications

      You can also search for this author in PubMed Google Scholar

    2. B R Purushothama
      View author publications

      You can also search for this author in PubMed Google Scholar

    Corresponding author

    Correspondence to Gaurav Pareek.

    Rights and permissions

    Reprints and permissions

    About this article

    Check for updates. Verify currency and authenticity via CrossMark

    Cite this article

    Pareek, G., Purushothama, B.R. Provably secure group key management scheme based on proxy re-encryption with constant public bulletin size and key derivation time. Sādhanā 43, 137 (2018). https://doi.org/10.1007/s12046-018-0917-8

    Download citation

    • Received:

    • Revised:

    • Accepted:

    • Published:

    • DOI: https://doi.org/10.1007/s12046-018-0917-8

    Keywords

    Search

    Navigation