Abstract
In this paper we analyse the security of two authenticated group key agreement schemes based on the group key agreement protocol of Burmester and Desmedt. One scheme was proposed by Burmester and Desmedt, and uses a separate authentication scheme to achieve authentication among the participants. We show that this scheme suffers from a number of security vulnerabilities. The other scheme was generated using the general protocol compiler of Katz and Yung. We show that in some circumstances, even if key confirmation is implemented, this scheme still suffers from insider attacks (which are not covered by the security model used by Katz and Yung).
References
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory IT-22, 644–654 (1976)
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 110–125. Springer, Heidelberg (1994)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
Chen, L., Kudla, C.: Identity based authenticated key agreement protocols from pairings. In: Proc. of the 16th IEEE Computer Security Foundations Workshop — CSFW 2003, pp. 219–233. IEEE Computer Society Press, Los Alamitos (2003)
Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)
Ingemarsson, I., Tang, D., Wong, C.: A conference key distribution system. IEEE Transactions on Information Theory 28, 714–720 (1982)
Kim, Y., Perrig, A., Tsudik, G.: Communication-efficient group key agreement. In: Proc. IFIP TC11, 16th Annual Working Conference on Information Security, pp. 229–244 (2001)
Steer, D., Strawczynski, L., Diffie, W., Wiener, M.: A secure audio teleconference system. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 520–528. Springer, Heidelberg (1990)
Tzeng, W.: A practical and secure fault-tolerant conference-key agreement protocol. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 1–13. Springer, Heidelberg (2000)
Tzeng, W.: A secure fault-tolerant conference-key agreement protocol. IEEE Transactions on Computers 51, 373–379 (2002)
Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: Santis, A.D. (ed.) Pre–Proceedings of Eurocrypt 1994, pp. 279–290 (1994)
Choi, K.Y., Hwang, J.Y., Lee, D.H.: Efficient ID-based group key agreement with bilinear maps. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 130–144. Springer, Heidelberg (2004)
Du, X.J., Wang, Y., Ge, J.H., Wang, Y.M.: ID-based authenticated two round multiparty key agreement. Cryptology ePrint Archive: Report 2003/247 (2003)
Du, X.J., Wang, Y., Ge, J.H., Wang, Y.M.: An improved ID-based authenticated group key agreement scheme. Cryptology ePrint Archive, Report 2003/260 (2003)
Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)
Zhang, F.G., Chen, X.F.: Attacks on two ID-based authenticated group key agreement schemes. Cryptology ePrint Archive, Report 2003/259 (2003)
Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group Diffie-Hellman key exchange. In: Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 255–264. ACM Press, New York (2001)
Chaum, D., Evertse, J.H., Graaf, J., Peralta, R.: Demonstrating possession of a discrete logarithm without revealing it. In: Odlyzko, A.M. (ed.) Advances in Cryptology—CRYPTO 1986, pp. 200–212. Springer, Heidelberg (1987)
Katz, J., Shin, J.: Modeling insider attacks on group key-exchange protocols. Cryptology ePrint Archive: Report 2005/163 (2005)
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tang, Q., Mitchell, C.J. (2005). Security Properties of Two Authenticated Conference Key Agreement Protocols. In: Qing, S., Mao, W., López, J., Wang, G. (eds) Information and Communications Security. ICICS 2005. Lecture Notes in Computer Science, vol 3783. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11602897_26
DOI: https://doi.org/10.1007/11602897_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30934-5
Online ISBN: 978-3-540-32099-9
eBook Packages: Computer Science, Computer Science (R0)