Abstract
Multi-party key agreement protocols implicitly assume that each principal contributes equally to the final form of the key. In this paper we consider three malleability attacks on multi-party key agreement protocols. The first attack, called strong key control, allows a dishonest principal (or a group of principals) to fix the key to a pre-set value. The second attack is weak key control, in which the key is still random, but the set from which the key is drawn is much smaller than expected. The third attack is named selective key control, in which a dishonest principal (or a group of dishonest principals) is able to remove the contribution of honest principals to the group key. The paper discusses the above three attacks on several key agreement protocols, including DH (Diffie-Hellman), BD (Burmester-Desmedt) and JV (Just-Vaudenay). We show that dishonest principals in all three protocols can weakly control the key, and the only protocol which does not allow for strong key control is the DH protocol. The BD and JV protocols permit any pair of neighboring principals to modify the group key. This modification remains undetected by honest principals.
Copyright information
© 2004 Springer Basel AG
About this paper
Cite this paper
Pieprzyk, J., Wang, H. (2004). Malleability Attacks on Multi-Party Key Agreement Protocols. In: Feng, K., Niederreiter, H., Xing, C. (eds) Coding, Cryptography and Combinatorics. Progress in Computer Science and Applied Logic, vol 23. Birkhäuser, Basel. https://doi.org/10.1007/978-3-0348-7865-4_19
DOI: https://doi.org/10.1007/978-3-0348-7865-4_19
Publisher Name: Birkhäuser, Basel
Print ISBN: 978-3-0348-9602-3
Online ISBN: 978-3-0348-7865-4
eBook Packages: Springer Book Archive