Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present ...Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.展开更多
Group key exchange protocols are basic protocols to provide privacy and integrity in secure group communication. This paper discusses the security of one type of group key exchange protocols and defines the kind of pr...Group key exchange protocols are basic protocols to provide privacy and integrity in secure group communication. This paper discusses the security of one type of group key exchange protocols and defines the kind of protocols as broadcaster group protocols. It points out two attacks on this kind of protocols. The first attack can be avoided by using fresh values in each action during one session of the group protocol. The second attack should be related with concrete application. It also proposes a dynamic key agreement protocol as an example of solutions at the last part of the paper.展开更多
Civic groups refer to various organizational forms and their networks spontaneously established by citizens from all walks of society and to some extent they are usually of non-profit,nongovernmental,self-governance,o...Civic groups refer to various organizational forms and their networks spontaneously established by citizens from all walks of society and to some extent they are usually of non-profit,nongovernmental,self-governance,organizational and voluntary features.1 The words'civic groups'were of the same origin with展开更多
Cross-domain password-based authenticated key exchange (PAKE) protocols have been studied for many years. However, these protocols are mainly focusing on multi-participant within a single domain in an open network e...Cross-domain password-based authenticated key exchange (PAKE) protocols have been studied for many years. However, these protocols are mainly focusing on multi-participant within a single domain in an open network environment. This paper proposes a novel approach for designing a cross-domain group PAKE protocol, that primarily handles with the setting of multi-participant in the multi- domain. Moreover, our protocol is proved secure against active adversary in the Real-or-Random (ROR) model. In our protocol, no interaction occurs between any two domain authentication servers. They are regarded as ephemeral certificate authorities (CAs) to certify key materials that participants might subsequently use to exchange and agree on group session key. We further justify the computational complexity and measure the average computation time of our protocol. To the best of our knowledge, this is the first work to analyze and discuss a provably secure multi-participant cross-domain group PAKE protocol.展开更多
Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,t...Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.展开更多
So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties' ephemeral private keys without their long-term private keys, so these GKE protocols...So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties' ephemeral private keys without their long-term private keys, so these GKE protocols are insecure on this attack. In this paper, for resisting above attack, we propose a dynamic authenticated group key exchange (AGKE) protocol in the ID-based setting. Different from previous ID-based protocols, our protocol does not utilize bilinear pairings, which makes it more efficient. At last, we analyze the security of the protocol in the cCK (enhanced Canetti-Krawczyk) security model.展开更多
基金Supported by the National Natural Science Foundation of China (90204012, 60573035, 60573036) and the University IT Research Center Project of Korea
文摘Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.
基金Supported by the National Natural Science Foun-dation of China (90104005 ,60473023) the National High Tech-nology Research and Development Programof China (863 Program)(2002AA41051)
文摘Group key exchange protocols are basic protocols to provide privacy and integrity in secure group communication. This paper discusses the security of one type of group key exchange protocols and defines the kind of protocols as broadcaster group protocols. It points out two attacks on this kind of protocols. The first attack can be avoided by using fresh values in each action during one session of the group protocol. The second attack should be related with concrete application. It also proposes a dynamic key agreement protocol as an example of solutions at the last part of the paper.
文摘Civic groups refer to various organizational forms and their networks spontaneously established by citizens from all walks of society and to some extent they are usually of non-profit,nongovernmental,self-governance,organizational and voluntary features.1 The words'civic groups'were of the same origin with
基金This paper was supported by National 863 Program (2013AA01A212), the National Natural Science Foundation of China (Grant Nos. 61370063, 61272512 and 61300177). Beijing Municipal Natural Science Foundation (4121001), Basic Research Foundation of Beijing Institute of Technology (20120742010 and 2013074200).
文摘Cross-domain password-based authenticated key exchange (PAKE) protocols have been studied for many years. However, these protocols are mainly focusing on multi-participant within a single domain in an open network environment. This paper proposes a novel approach for designing a cross-domain group PAKE protocol, that primarily handles with the setting of multi-participant in the multi- domain. Moreover, our protocol is proved secure against active adversary in the Real-or-Random (ROR) model. In our protocol, no interaction occurs between any two domain authentication servers. They are regarded as ephemeral certificate authorities (CAs) to certify key materials that participants might subsequently use to exchange and agree on group session key. We further justify the computational complexity and measure the average computation time of our protocol. To the best of our knowledge, this is the first work to analyze and discuss a provably secure multi-participant cross-domain group PAKE protocol.
基金supported by National Natural Science Foundation of China No.61003262,National Natural Science Foundation of China No.60873237Doctoral Fund of Ministry of Education of China No.20070007071
文摘Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.
基金Supported by the National Natural Science Foundation ofChina (60773035)
文摘So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties' ephemeral private keys without their long-term private keys, so these GKE protocols are insecure on this attack. In this paper, for resisting above attack, we propose a dynamic authenticated group key exchange (AGKE) protocol in the ID-based setting. Different from previous ID-based protocols, our protocol does not utilize bilinear pairings, which makes it more efficient. At last, we analyze the security of the protocol in the cCK (enhanced Canetti-Krawczyk) security model.
