
ID-Based Group Password-Authenticated Key Exchange

Conference paper, Advances in Information and Computer Security (IWSEC 2009)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 5824)

Abstract

Password-authenticated key exchange (PAKE) protocols are designed to be secure even when the secret key used for authentication is a human-memorable password. In this paper, we consider PAKE protocols in the group scenario, in which a group of clients, each of whom shares a password with an “honest but curious” server, intend to establish a common secret key (i.e., a group key) with the help of the server. In this setting, the established key is known to the clients only and to no one else, including the server. Each client needs to remember only the password, while the server keeps the passwords in addition to private keys related to its identity. Towards our goal, we present a compiler that transforms any group key exchange (KE) protocol that is secure against passive eavesdropping into a group PAKE that is secure against an active adversary who controls all communication in the network. This compiler is built on a group KE protocol, an identity-based encryption (IBE) scheme, and an identity-based signature (IBS) scheme. It adds only two rounds and O(1) communication (per client) to the original group KE protocol. As long as the underlying group KE protocol, IBE scheme and IBS scheme have provable security without random oracles, the group PAKE constructed by our compiler can be proven secure without random oracles.




Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

Cite this paper

Yi, X., Tso, R., Okamoto, E. (2009). ID-Based Group Password-Authenticated Key Exchange. In: Takagi, T., Mambo, M. (eds) Advances in Information and Computer Security. IWSEC 2009. Lecture Notes in Computer Science, vol 5824. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04846-3_13


  • DOI: https://doi.org/10.1007/978-3-642-04846-3_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04845-6

  • Online ISBN: 978-3-642-04846-3

  • eBook Packages: Computer Science (R0)
