Group Key Agreement(GKA)is a cryptographic primitive allowing two or more entities to negotiate a shared session key over public networks.In existing GKA models,it is an open problem to construct a one-round multi-par...Group Key Agreement(GKA)is a cryptographic primitive allowing two or more entities to negotiate a shared session key over public networks.In existing GKA models,it is an open problem to construct a one-round multi-party GKA protocol.Wu et al.recently proposed the concept of asymmetric group key agreement(ASGKA)and realized a one-round ASGKA protocol,which affirmatively answers the above open problem in a relaxed way.However,the ASGKA protocol only applies to static groups.To fill this gap,this paper proposes an extended ASGKA protocol based on the Wu et al.protocol.The extension allows any member to join and leave at any point,provided that the resulting group size is not greater than n.To validate the proposal,extensive experiments are performed and the experimental results show that our protocol is more effective than a plain realization of the Wu et al.protocol for dynamic groups.The extended protocol is also more efficient than the up-to-date dynamic GKA protocol in terms of communication and computation.展开更多
Secure and reliable group communication is an increasingly active research area by growing popularity in group-oriented and collaborative applications. In this paper, we propose the first identity-based authenticated ...Secure and reliable group communication is an increasingly active research area by growing popularity in group-oriented and collaborative applications. In this paper, we propose the first identity-based authenticated group key agreement in multiple private key generators (PKG) environment. It is inspired on a new two-party identity-based key agreement protocol first proposed by Hoonjung Lee et al. In our scheme, although each member comes from different domain and belongs to different PKGs which do not share the common system parameters, they can agree on a shared secret group key. We show that our scheme satisfies every security requirements of the group key agreement protocols.展开更多
Group communication is widely used by most of the emerging network applications like telecommunication,video conferencing,simulation applications,distributed and other interactive systems.Secured group communication p...Group communication is widely used by most of the emerging network applications like telecommunication,video conferencing,simulation applications,distributed and other interactive systems.Secured group communication plays a vital role in case of providing the integrity,authenticity,confidentiality,and availability of the message delivered among the group members with respect to communicate securely between the inter group or else within the group.In secure group communications,the time cost associated with the key updating in the proceedings of the member join and departure is an important aspect of the quality of service,particularly in the large groups with highly active membership.Hence,the paper is aimed to achieve better cost and time efficiency through an improved DC multicast routing protocol which is used to expose the path between the nodes participating in the group communication.During this process,each node constructs an adaptive Ptolemy decision tree for the purpose of generating the contributory key.Each of the node is comprised of three keys which will be exchanged between the nodes for considering the group key for the purpose of secure and cost-efficient group communication.The rekeying process is performed when a member leaves or adds into the group.The performance metrics of novel approach is measured depending on the important factors such as computational and communicational cost,rekeying process and formation of the group.It is concluded from the study that the technique has reduced the computational and communicational cost of the secure group communication when compared to the other existing methods.展开更多
The security issue is always the most important concern of networked client-server application. On the putpose to build the secure group communication among of a group of client users and one server, in this paper, we...The security issue is always the most important concern of networked client-server application. On the putpose to build the secure group communication among of a group of client users and one server, in this paper, we will present a new password-based group key agreement protocol. Our protocol will meet simplicity, efficiency, and many desired security properties.展开更多
We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software upda...We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.展开更多
Two ID-based authenticated group key agreement schemes, proposed by Choi et al and Du et al, are insecure against an impersonation attack and th ey only discussed the static group. This paper proposed a variant of BD ...Two ID-based authenticated group key agreement schemes, proposed by Choi et al and Du et al, are insecure against an impersonation attack and th ey only discussed the static group. This paper proposed a variant of BD protocol , which is fully authenticated by a proven-secure ID-based signature scheme. T he protocol can res ist the impersonation attack, and other security attributes are also satisfied. Compared with Choi et al and Du et al schemes, the proposed one is mor e efficient and applicable for dynamic groups.展开更多
In a secure group communication system, messages must be encrypted before being transmitted to group members to prevent unauthorized access. In many secure group communication schemes, whenever a member leaves or join...In a secure group communication system, messages must be encrypted before being transmitted to group members to prevent unauthorized access. In many secure group communication schemes, whenever a member leaves or joins the group, group center (GC) immediately changes the common encryption key and sends the new key to all valid members for forward and backward secrecy. If valid members are not on-line, they will miss the re-keying messages and will not be able to decrypt any ciphertext. Therefore, group members must be able to store the state of the system. In some applications, like global positioning systems (GPS) or pay-per-view systems, it is not reasonable to ask group members to stay on-line all the time and save the changes to the system. A hierarchical binary tree-based key management scheme are proposed for a secure group communication. This scheme reduces the key storage requirement of GC to a constant size and the group members are not required to be on-line constantly (stateless).展开更多
This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group...This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.展开更多
As the major problem in multicast security, the group key management has been the focus of research But few results are satisfactory. In this paper, the problems of group key management and access control for large dy...As the major problem in multicast security, the group key management has been the focus of research But few results are satisfactory. In this paper, the problems of group key management and access control for large dynamic multicast group have been researched and a solution based on SubGroup Secure Controllers (SGSCs) is presented, which solves many problems in IOLUS system and WGL scheme.展开更多
ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis i...ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis is proposed in this paper. The improved method takes full advantage of the data transmitted at various stages of the protocol. By guaranteeing the freshness of authentication messages, the authenticity of the generator of authentication messages, and the completeness of the authenticator, the improved protocol can resist various passive and active attacks. The forward secrecy of the improved protocol is proved under a Katz-Yung (KY) model. Compared with existing methods, the improved protocol is more effective and applicable.展开更多
The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which ...The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which was obtained by combining the ElGamal encryption scheme with the ElGamal signature scheme,is efficient and simple.The protocol is proven secure against passive attack by using indistinguishable method.Moreover,both perfect forward secrecy(PFS)and key independence(KI)were achieved.Because the protocol is based on the broadcast channel,it is also suitable for key agreement in wireless communications,especially in ad-hoc networks.展开更多
Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to cons...Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to construct public-key cryptographic protocols. In this article, we propose a new authenticated group key agreement protocol which works in non-abelian near-rings. We have proved that our protocol meets the security attributes under the assumption that the twist conjugacy search problem(TCSP) is hard in near-ring.展开更多
By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is p...By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree: SKDC, LKH, and OFF. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security problem of the new scheme is analyzed. This new scheme provides backward and forward security, i.e.. newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.展开更多
Time efficiency of key establishment and update is one of the major problems contributory key managements strive to address.To achieve better time efficiency in key establishment,we propose a Location-based Huffman(L-...Time efficiency of key establishment and update is one of the major problems contributory key managements strive to address.To achieve better time efficiency in key establishment,we propose a Location-based Huffman(L-Huffman) scheme.First,users are separated into several small groups to minimize communication cost when they are distributed over large networks.Second,both user's computation difference and message transmission delay are taken into consideration when Huffman coding is employed to forming the optimal key tree.Third,the combined weights in Huffman tree are located in a higher place of the key tree to reduce the variance of the average key generation time and minimize the longest key generation time.Simulations demonstrate that L-Huffman has much better performance in wide area networks and is a little better in local area network than Huffman scheme.展开更多
External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in...External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in the quantum computing epoch. Three hard problems on this new platform, Subgroup Root Problem, Multi-variant Subgroup Root Problem and Subgroup Action Problem are presented and well analyzed, which all have no relations with conjugacy. New secure public key encryption system and key agreement protocol are designed based on these hard problems. The new cryptosystems can be implemented in a general group environment other than in braid or Artin groups.展开更多
Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually lo...Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoe networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD are compared with BD, TGDH (tree-based group Diffe-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.展开更多
There are various challenges that are faced in group communication, so it is necessary to ensure session key. Key agreement is the fundamental cryptographic primitive for establishing a secure communication. It is a p...There are various challenges that are faced in group communication, so it is necessary to ensure session key. Key agreement is the fundamental cryptographic primitive for establishing a secure communication. It is a process of computing a shared secret contributed by two or more entities such that no single node can predetermine the resulting value. An authenticated key agreement is attained by combining the key agreement protocol with digital signatures. After a brief introduction to existing key agreement in group communication, Making use of the additive-multiplicative homomorphism in the integer ring defined by Sander and Tschudin: A new protocols, called the homomorphism key agreement, was designed, which can be self-contributory, robust, scalable and applicable in group communication.展开更多
Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highl...Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems (VCS). Security applications in VCS are fulfilled through secured group broadcast. Therefore, secure key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The seeurity managers (SMs) play a key role in the framework by retrieving the vehicle departnre infi^rmation, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management (GKM) scheme basing on leaving probability (LP) of vehicles to depart current VCS region. Vehicle's LP factor is introduced into GKM scheme to achieve a more effieient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and effieiency of the proposed framework: Our GKM results demonstrate that probability-based BR reduees rekeying eost compared to the benchmark scheme, while the blockchain deereases the time eost of key transmission over heterogeneous net-works.展开更多
Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based grou...Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol - nPAKE^+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE^+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE^+ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.展开更多
基金National Natural Science Foundation of China under Grant No. 60970116,60970115 and 90718006
文摘Group Key Agreement(GKA)is a cryptographic primitive allowing two or more entities to negotiate a shared session key over public networks.In existing GKA models,it is an open problem to construct a one-round multi-party GKA protocol.Wu et al.recently proposed the concept of asymmetric group key agreement(ASGKA)and realized a one-round ASGKA protocol,which affirmatively answers the above open problem in a relaxed way.However,the ASGKA protocol only applies to static groups.To fill this gap,this paper proposes an extended ASGKA protocol based on the Wu et al.protocol.The extension allows any member to join and leave at any point,provided that the resulting group size is not greater than n.To validate the proposal,extensive experiments are performed and the experimental results show that our protocol is more effective than a plain realization of the Wu et al.protocol for dynamic groups.The extended protocol is also more efficient than the up-to-date dynamic GKA protocol in terms of communication and computation.
基金Supported bythe National Basic Research Programof China(973 Program2004CB318004) the National Natural Sci-ence Foundation of China (90304007)
文摘Secure and reliable group communication is an increasingly active research area by growing popularity in group-oriented and collaborative applications. In this paper, we propose the first identity-based authenticated group key agreement in multiple private key generators (PKG) environment. It is inspired on a new two-party identity-based key agreement protocol first proposed by Hoonjung Lee et al. In our scheme, although each member comes from different domain and belongs to different PKGs which do not share the common system parameters, they can agree on a shared secret group key. We show that our scheme satisfies every security requirements of the group key agreement protocols.
文摘Group communication is widely used by most of the emerging network applications like telecommunication,video conferencing,simulation applications,distributed and other interactive systems.Secured group communication plays a vital role in case of providing the integrity,authenticity,confidentiality,and availability of the message delivered among the group members with respect to communicate securely between the inter group or else within the group.In secure group communications,the time cost associated with the key updating in the proceedings of the member join and departure is an important aspect of the quality of service,particularly in the large groups with highly active membership.Hence,the paper is aimed to achieve better cost and time efficiency through an improved DC multicast routing protocol which is used to expose the path between the nodes participating in the group communication.During this process,each node constructs an adaptive Ptolemy decision tree for the purpose of generating the contributory key.Each of the node is comprised of three keys which will be exchanged between the nodes for considering the group key for the purpose of secure and cost-efficient group communication.The rekeying process is performed when a member leaves or adds into the group.The performance metrics of novel approach is measured depending on the important factors such as computational and communicational cost,rekeying process and formation of the group.It is concluded from the study that the technique has reduced the computational and communicational cost of the secure group communication when compared to the other existing methods.
基金Supported by the National Natural Science Foun-dation of China (60572155) the National Natural Science Founda-tion of China for Distinguished Young Scholars (60225007)
文摘The security issue is always the most important concern of networked client-server application. On the putpose to build the secure group communication among of a group of client users and one server, in this paper, we will present a new password-based group key agreement protocol. Our protocol will meet simplicity, efficiency, and many desired security properties.
基金Supported by the National Natural Science Foun-dation of China (90304007) the National Basic Research Programof China(973 Program2004CB318004)
文摘We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.
文摘Two ID-based authenticated group key agreement schemes, proposed by Choi et al and Du et al, are insecure against an impersonation attack and th ey only discussed the static group. This paper proposed a variant of BD protocol , which is fully authenticated by a proven-secure ID-based signature scheme. T he protocol can res ist the impersonation attack, and other security attributes are also satisfied. Compared with Choi et al and Du et al schemes, the proposed one is mor e efficient and applicable for dynamic groups.
文摘In a secure group communication system, messages must be encrypted before being transmitted to group members to prevent unauthorized access. In many secure group communication schemes, whenever a member leaves or joins the group, group center (GC) immediately changes the common encryption key and sends the new key to all valid members for forward and backward secrecy. If valid members are not on-line, they will miss the re-keying messages and will not be able to decrypt any ciphertext. Therefore, group members must be able to store the state of the system. In some applications, like global positioning systems (GPS) or pay-per-view systems, it is not reasonable to ask group members to stay on-line all the time and save the changes to the system. A hierarchical binary tree-based key management scheme are proposed for a secure group communication. This scheme reduces the key storage requirement of GC to a constant size and the group members are not required to be on-line constantly (stateless).
文摘This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.
文摘As the major problem in multicast security, the group key management has been the focus of research But few results are satisfactory. In this paper, the problems of group key management and access control for large dynamic multicast group have been researched and a solution based on SubGroup Secure Controllers (SGSCs) is presented, which solves many problems in IOLUS system and WGL scheme.
基金supported by the Key Project of National Defense Basic Research Program of China (No. B1120132031)
文摘ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis is proposed in this paper. The improved method takes full advantage of the data transmitted at various stages of the protocol. By guaranteeing the freshness of authentication messages, the authenticity of the generator of authentication messages, and the completeness of the authenticator, the improved protocol can resist various passive and active attacks. The forward secrecy of the improved protocol is proved under a Katz-Yung (KY) model. Compared with existing methods, the improved protocol is more effective and applicable.
基金supported by the National Natural Science Foundation of China(Grant No.90304009).
文摘The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which was obtained by combining the ElGamal encryption scheme with the ElGamal signature scheme,is efficient and simple.The protocol is proven secure against passive attack by using indistinguishable method.Moreover,both perfect forward secrecy(PFS)and key independence(KI)were achieved.Because the protocol is based on the broadcast channel,it is also suitable for key agreement in wireless communications,especially in ad-hoc networks.
文摘Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to construct public-key cryptographic protocols. In this article, we propose a new authenticated group key agreement protocol which works in non-abelian near-rings. We have proved that our protocol meets the security attributes under the assumption that the twist conjugacy search problem(TCSP) is hard in near-ring.
文摘By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree: SKDC, LKH, and OFF. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security problem of the new scheme is analyzed. This new scheme provides backward and forward security, i.e.. newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.
基金Supported by National Basic Research and Development Program of China (2007CB307102)
文摘Time efficiency of key establishment and update is one of the major problems contributory key managements strive to address.To achieve better time efficiency in key establishment,we propose a Location-based Huffman(L-Huffman) scheme.First,users are separated into several small groups to minimize communication cost when they are distributed over large networks.Second,both user's computation difference and message transmission delay are taken into consideration when Huffman coding is employed to forming the optimal key tree.Third,the combined weights in Huffman tree are located in a higher place of the key tree to reduce the variance of the average key generation time and minimize the longest key generation time.Simulations demonstrate that L-Huffman has much better performance in wide area networks and is a little better in local area network than Huffman scheme.
基金Supported by the National Natural Science Funda-tion of China (60403027)
文摘External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in the quantum computing epoch. Three hard problems on this new platform, Subgroup Root Problem, Multi-variant Subgroup Root Problem and Subgroup Action Problem are presented and well analyzed, which all have no relations with conjugacy. New secure public key encryption system and key agreement protocol are designed based on these hard problems. The new cryptosystems can be implemented in a general group environment other than in braid or Artin groups.
基金The National Natural Science Foundation of China (No.60403027)the Research Foundation for Out-standing Young Teachers, China University of Geosciences(Wuhan) (No.CUGQNL0836)
文摘Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoe networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD are compared with BD, TGDH (tree-based group Diffe-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.
基金National Natural Science Foundation of China(No.90104005)
文摘There are various challenges that are faced in group communication, so it is necessary to ensure session key. Key agreement is the fundamental cryptographic primitive for establishing a secure communication. It is a process of computing a shared secret contributed by two or more entities such that no single node can predetermine the resulting value. An authenticated key agreement is attained by combining the key agreement protocol with digital signatures. After a brief introduction to existing key agreement in group communication, Making use of the additive-multiplicative homomorphism in the integer ring defined by Sander and Tschudin: A new protocols, called the homomorphism key agreement, was designed, which can be self-contributory, robust, scalable and applicable in group communication.
文摘Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems (VCS). Security applications in VCS are fulfilled through secured group broadcast. Therefore, secure key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The seeurity managers (SMs) play a key role in the framework by retrieving the vehicle departnre infi^rmation, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management (GKM) scheme basing on leaving probability (LP) of vehicles to depart current VCS region. Vehicle's LP factor is introduced into GKM scheme to achieve a more effieient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and effieiency of the proposed framework: Our GKM results demonstrate that probability-based BR reduees rekeying eost compared to the benchmark scheme, while the blockchain deereases the time eost of key transmission over heterogeneous net-works.
基金supported in part by the Concerted Research Action(GOA)Ambiorics 2005/11 of the Flemish Government and by the IAP Programme P6/26 BCRYPT of the Belgian State(Belgian Science Policy)Zhiguo Wan is supported in part by a research grant of the IBBT(Interdisciplinary institute for BroadBand Technology)of the Flemish Government.
文摘Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol - nPAKE^+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE^+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE^+ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.
