Malleability Attacks on Multi-Party Key Agreement Protocols

  • Conference paper
Coding, Cryptography and Combinatorics

Part of the book series: Progress in Computer Science and Applied Logic (PCS, volume 23)

Abstract

Multi-party key agreement protocols indirectly assume that each principal contributes equally to the final form of the key. In this paper we consider three malleability attacks on multi-party key agreement protocols. The first attack, called strong key control, allows a dishonest principal (or a group of principals) to fix the key to a pre-set value. The second attack is weak key control, in which the key is still random, but the set from which the key is drawn is much smaller than expected. The third attack is named selective key control, in which a dishonest principal (or a group of dishonest principals) is able to remove a contribution of honest principals to the group key. The paper discusses the above three attacks on several key agreement protocols, including DH (Diffie-Hellman), BD (Burmester-Desmedt) and JV (Just-Vaudenay). We show that dishonest principals in all three protocols can weakly control the key, and the only protocol which does not allow for strong key control is the DH protocol. The BD and JV protocols permit any pair of neighboring principals to modify the group key. This modification remains undetected by honest principals.

© 2004 Springer Basel AG

About this paper

Cite this paper

Pieprzyk, J., Wang, H. (2004). Malleability Attacks on Multi-Party Key Agreement Protocols. In: Feng, K., Niederreiter, H., Xing, C. (eds) Coding, Cryptography and Combinatorics. Progress in Computer Science and Applied Logic, vol 23. Birkhäuser, Basel. https://doi.org/10.1007/978-3-0348-7865-4_19

  • DOI: https://doi.org/10.1007/978-3-0348-7865-4_19

  • Publisher Name: Birkhäuser, Basel

  • Print ISBN: 978-3-0348-9602-3

  • Online ISBN: 978-3-0348-7865-4

  • eBook Packages: Springer Book Archive
