A Chain of Attacks and Countermeasures Applied to a Group Key Transfer Protocol

Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 299)

Abstract

Yuan et al. have recently introduced a Group Key Transfer (GKT) protocol [12] that permits multiple entities to share a common secret key. Starting from the original version of the protocol, we describe a chain of alternating attacks and countermeasures. First, we present a replay attack and indicate a possible fix, inspired by the analogous work of Nam et al. [5] (applied to the similar protocol of Harn and Lin [1]). Second, we review a successfully insider attack against the improved version that we have revealed in a previous work [6] and introduce a countermeasure that stands against the latter attack. Finally, we mention a password guessing attack inspired by the work of Kim et al. [3] that can be mounted against the original protocol and both the improved versions.

Keywords

group key transfer insider attack replay attack guessing attack cryptanalysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Harn, L., Lin, C.: Authenticated Group Key Transfer Protocol based on Secret Sharing. IEEE Trans. Comput. 59(6), 842–846 (2010)CrossRefMathSciNetGoogle Scholar
  2. 2.
    Hsu, C., Zeng, B., Cheng, Q., Cui, G.: A novel group key transfer protocol. Cryptology ePrint Archive, Report 2012/043 (2012)Google Scholar
  3. 3.
    Kim, M., Park, N., Won, D.: Cryptanalysis of an Authenticated Group Key Transfer Protocol Based on Secret Sharing. In: Park, J.J(J.H.), Arabnia, H.R., Kim, C., Shi, W., Gil, J.-M. (eds.) GPC 2013. LNCS, vol. 7861, pp. 761–766. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  4. 4.
    Manulis, M.: Survey on security requirements and models for group key exchange. Technical Report 2006/02, Horst-Görtz Institute, Network and Data Security Group (2008)Google Scholar
  5. 5.
    Nam, J., Kim, M., Paik, J., Jeon, W., Lee, B., Won, D.: Cryptanalysis of a Group Key Transfer Protocol Based on Secret Sharing. In: Kim, T.-h., Adeli, H., Slezak, D., Sandnes, F.E., Song, X., Chung, K.-i., Arnett, K.P. (eds.) FGIT 2011. LNCS, vol. 7105, pp. 309–315. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Olimid, R.F.: Cryptanalysis of a Password-based Group Key Exchange Protocol Using Secret Sharing. Appl. Math. Inf. Sci. 7(4), 1585–1590 (2013)CrossRefMathSciNetGoogle Scholar
  7. 7.
    Olimid, R.F.: On the Security of an Authenticated Group Key Transfer Protocol Based on Secret Sharing. In: Mustofa, K., Neuhold, E.J., Tjoa, A.M., Weippl, E., You, I. (eds.) ICT-EurAsia 2013. LNCS, vol. 7804, pp. 399–408. Springer, Heidelberg (2013)Google Scholar
  8. 8.
    Olimid, R.F.: A Chain of Attacks and Countermeasures Applied to a Group Key Transfer Protocol (abstract). Pre-Proceedings of WEWoRC, pp. 27–28 (2013)Google Scholar
  9. 9.
    Olimid, R.F.: On the Vulnerability of a Group Key Transfer Protocol based on Secret Sharing. To appear in Proceeding of IEEE 9th International Symposium on Applied Computational Intelligence and Informatics (2014)Google Scholar
  10. 10.
    Shamir, A.: How to Share a Secret. Commun. ACM 22(11), 612–613 (1979)CrossRefMATHMathSciNetGoogle Scholar
  11. 11.
    Sun, Y., Wen, Q., Sun, H., Li, W., Jin, Z., Zhang, H.: An Authenticated Group Key Transfer Protocol Based on Secret Sharing. Procedia Engineering 29, 403–408 (2012)CrossRefGoogle Scholar
  12. 12.
    Yuan, W., Hu, L., Li, H., Chu, J.: An Efficient Password-based Group Key Exchange Protocol Using Secret Sharing. Appl. Math. Inf. Sci. 7(1), 145–150 (2013)CrossRefMathSciNetGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.Department of Computer ScienceUniversity of BucharestBucharestRomania
  2. 2.Applied Cryptography Group, OrangeCaenFrance

Personalised recommendations