This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group...This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.展开更多
Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to cons...Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to construct public-key cryptographic protocols. In this article, we propose a new authenticated group key agreement protocol which works in non-abelian near-rings. We have proved that our protocol meets the security attributes under the assumption that the twist conjugacy search problem(TCSP) is hard in near-ring.展开更多
External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in...External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in the quantum computing epoch. Three hard problems on this new platform, Subgroup Root Problem, Multi-variant Subgroup Root Problem and Subgroup Action Problem are presented and well analyzed, which all have no relations with conjugacy. New secure public key encryption system and key agreement protocol are designed based on these hard problems. The new cryptosystems can be implemented in a general group environment other than in braid or Artin groups.展开更多
ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis i...ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis is proposed in this paper. The improved method takes full advantage of the data transmitted at various stages of the protocol. By guaranteeing the freshness of authentication messages, the authenticity of the generator of authentication messages, and the completeness of the authenticator, the improved protocol can resist various passive and active attacks. The forward secrecy of the improved protocol is proved under a Katz-Yung (KY) model. Compared with existing methods, the improved protocol is more effective and applicable.展开更多
The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which ...The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which was obtained by combining the ElGamal encryption scheme with the ElGamal signature scheme,is efficient and simple.The protocol is proven secure against passive attack by using indistinguishable method.Moreover,both perfect forward secrecy(PFS)and key independence(KI)were achieved.Because the protocol is based on the broadcast channel,it is also suitable for key agreement in wireless communications,especially in ad-hoc networks.展开更多
Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based grou...Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol - nPAKE^+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE^+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE^+ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.展开更多
文摘This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.
文摘Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to construct public-key cryptographic protocols. In this article, we propose a new authenticated group key agreement protocol which works in non-abelian near-rings. We have proved that our protocol meets the security attributes under the assumption that the twist conjugacy search problem(TCSP) is hard in near-ring.
基金Supported by the National Natural Science Funda-tion of China (60403027)
文摘External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in the quantum computing epoch. Three hard problems on this new platform, Subgroup Root Problem, Multi-variant Subgroup Root Problem and Subgroup Action Problem are presented and well analyzed, which all have no relations with conjugacy. New secure public key encryption system and key agreement protocol are designed based on these hard problems. The new cryptosystems can be implemented in a general group environment other than in braid or Artin groups.
基金supported by the Key Project of National Defense Basic Research Program of China (No. B1120132031)
文摘ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis is proposed in this paper. The improved method takes full advantage of the data transmitted at various stages of the protocol. By guaranteeing the freshness of authentication messages, the authenticity of the generator of authentication messages, and the completeness of the authenticator, the improved protocol can resist various passive and active attacks. The forward secrecy of the improved protocol is proved under a Katz-Yung (KY) model. Compared with existing methods, the improved protocol is more effective and applicable.
基金supported by the National Natural Science Foundation of China(Grant No.90304009).
文摘The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which was obtained by combining the ElGamal encryption scheme with the ElGamal signature scheme,is efficient and simple.The protocol is proven secure against passive attack by using indistinguishable method.Moreover,both perfect forward secrecy(PFS)and key independence(KI)were achieved.Because the protocol is based on the broadcast channel,it is also suitable for key agreement in wireless communications,especially in ad-hoc networks.
基金supported in part by the Concerted Research Action(GOA)Ambiorics 2005/11 of the Flemish Government and by the IAP Programme P6/26 BCRYPT of the Belgian State(Belgian Science Policy)Zhiguo Wan is supported in part by a research grant of the IBBT(Interdisciplinary institute for BroadBand Technology)of the Flemish Government.
文摘Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol - nPAKE^+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE^+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE^+ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.
