So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties' ephemeral private keys without their long-term private keys, so these GKE protocols...So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties' ephemeral private keys without their long-term private keys, so these GKE protocols are insecure on this attack. In this paper, for resisting above attack, we propose a dynamic authenticated group key exchange (AGKE) protocol in the ID-based setting. Different from previous ID-based protocols, our protocol does not utilize bilinear pairings, which makes it more efficient. At last, we analyze the security of the protocol in the cCK (enhanced Canetti-Krawczyk) security model.展开更多
基金Supported by the National Natural Science Foundation ofChina (60773035)
文摘So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties' ephemeral private keys without their long-term private keys, so these GKE protocols are insecure on this attack. In this paper, for resisting above attack, we propose a dynamic authenticated group key exchange (AGKE) protocol in the ID-based setting. Different from previous ID-based protocols, our protocol does not utilize bilinear pairings, which makes it more efficient. At last, we analyze the security of the protocol in the cCK (enhanced Canetti-Krawczyk) security model.
