Article

A provable authenticated certificateless group key agreement with constant rounds

Abstract

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to n - 2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

... A security model for a certificateless group key agreement protocol and a constant-round group key agreement protocol based on certificateless public key cryptography is presented in Ref. [5]. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. ...
... We compared and analyzed the literature that can be quantified in recent years. We compare the proposed protocol with the related works [5,6,10,12] in communication costs, computation costs and time costs. Below are the few notations and data that are going to be used in the comparison [11]. ...
... From Table 1, BD-GKA protocol and Wang et al. [12] have similar computational complexity and have the lowest computational complexity. Islam et al. [6] and Teng et al. [5] have higher computational complexity. Ermis et al. [10] has the highest computational complexity. ...
Article
Group key agreement (GKA) is one of the key technologies for ensuring information exchange security among group members. While GKA is widely used in secure multi-party computation, safety of resource sharing, and distributed collaborative computing, it still has some security flaws and limitations. We propose a Blockchain-based dynamic Group key agreement (BDGKA) protocol. In contrast to prior works, BDGKA differs in several significant ways: 1) anonymous identity authentication: it can prevent privacy leaks; 2) traceability: it can track illegal operating entities; 3) load balancing: it balances computation and communication across each node, avoiding single-point breakdown and network bottlenecks. This protocol is proven secure under the hardness assumption of decision bilinear Diffie-Hellman. The performance analysis shows that it is more efficient than the referred works.
... 1) Propose a certificateless group authenticated key agreement protocol dedicated to untrusted UAV networks, based on the theoretical work of Teng et al. [4]; 2) Implement and analyze the performance of the key agreement protocol with a set of Raspberry Pi 3 Model B+ system-on-chip (1.4GHz Cortex-A53). ...
... While the majority of CL-AKA protocols have been proposed for two-party key agreement, fewer address the problem of group key agreement [4], [24]–[27], i.e. more than two entities. A group-based protocol is of significant interest for swarm-based applications, as a single key is required for an entire fleet. ...
... A group-based protocol is of significant interest for swarm-based applications, as a single key is required for an entire fleet. In 2012, Teng et al. [4] proposed a group key agreement with constant rounds, meaning that the number of rounds is independent from the number of users. Considering that a set of messages must be broadcast after each round, this feature is of particular interest in UANET applications. ...
... This section also compares major functionalities and performances of proposed ECC-AGKE protocol with some similar existing protocols. 24,26,27,[31][32][33]35 We consider some notations about the computational complexities in Table 2. The different time costs of the cryptographic operations meet the following relations: ...
... In this section, a comparative analysis of our ECC-AGKE protocol with previous studies 24,26,27,[31][32][33]35 is done. We have done the same computation on the existing protocol 24,26,27,[31][32][33]35 to calculate their computation costs. The result of comparative analysis is shown in the Table 3, and it confirmed that our proposed ECC-AGKE protocol is better. ...
Article
With the rapid demand for various increasing applications, internet users require a common secret key to communicate among a group. The traditional key exchange protocols involve a trusted key generation center for generation and distribution of the group key among the various group members. Therefore, the establishment of a trusted key generation center server and the generation (and distribution) of a common session key require an extra overhead. To avoid this difficulty, a number of group key exchange protocols have been proposed in the literature. However, these protocols are vulnerable to many attacks and have a high computational and communication cost. In this paper, we present an elliptic curve cryptography–based authenticated group key exchange (ECC-AGKE) protocol, which provides better security and has lower computational cost compared to related proposed schemes. Further, a complexity reduction method is deployed to reduce the overall complexity of the proposed elliptic curve cryptography–based authenticated group key exchange protocol. The security of the proposed work is ensured by the properties of elliptic curves. A security adversarial model is given and an extensive formal security analysis against our claim is done in the random oracle model. We also made a comparison of our proposed protocol with similar works and found that ours has better complexity, security and efficiency than the others.
... The reason behind the popularity of CL-PKC is that it is free from the heavy certificate management burden in PKI-based AKA protocols and the key escrow problem in identity-based group key agreement protocols. Since the first CL-AKA protocol [1] was proposed in 2003 by Al-Riyami and Paterson, many group key agreement protocols based on CL-PKC have been proposed [2][3][4][5]. However, these protocols use bilinear pairings to achieve the required security goals in their operations. The bilinear pairing is a mathematical tool which maps two elements in an additive group (usually an elliptic curve group) to an element of another multiplicative group having the same order (usually elements in a related finite field), and it is broadly used in building ID-based as well as certificateless key agreement protocols [2]. But bilinear pairing is always defined over a supersingular elliptic curve group with large element size and thus it is a many times more expensive operation than the scalar point multiplications in ECC. ...
... Therefore a pairing-free protocol based on CL-PKC is more appealing in practice. As per our literature survey, none of the CL-PKC based group key agreement protocols available in the current literature [2][3][4][5][6] is pairing free. The present research work proposes an efficient certificateless group key agreement protocol without pairing. ...
Chapter
To allow a secure conversation among a group of members over a public network there is a need for a group key agreement protocol which provides a group session key used in the necessary cryptographic operations. Nowadays the protocols based on certificateless public key cryptography (CL-PKC) are attracting more research because, like an ID-based cryptosystem, CL-PKC does not require certificates to authenticate the public key, and unlike an ID-based cryptosystem, it does not suffer from the key escrow problem. Almost all CL-PKC based group key agreement schemes in the current literature employ bilinear pairing in their operations. Since the relative computation cost of pairing is many times more than that of elliptic curve point multiplication, this motivates researchers to propose pairing-free protocols based on CL-PKC. The present paper proposes an efficient pairing-free group key agreement protocol based on certificateless cryptography over an elliptic curve group, with its security and performance analysis. The analysis shows that the proposed protocol has strong security protection against various kinds of attack and involves comparatively lower computation and communication overheads than the other existing protocols.
... The reason behind the popularity of CL-PKC is that it simplifies the heavy certificate management burden in PKI-based protocols and resolves the key escrow problem in ID-based cryptosystems. The certificateless cryptosystem was proposed by Al-Riyami and Paterson in 2003 [1] and since then many group key agreement protocols based on CL-PKC have been proposed [2][3][4][5]. However, these protocols use bilinear pairings to achieve the required security goals in their operations. The bilinear pairing is a mathematical tool which maps two elements in an additive group (usually an elliptic curve group) to an element of a multiplicative group of the same order (usually elements in a related finite field), and it is widely used in building ID-based as well as certificateless key agreement protocols [2]. Bilinear pairing is always defined over a supersingular elliptic curve group with large element size and thus it is a many times more expensive operation than the scalar point multiplications in ECC. ...
... Therefore a pairing-free protocol based on CL-PKC is more appealing in practice. As per our literature survey, none of the certificateless authenticated group key agreement (CL-AGKA) protocols provides user anonymity without pairing [2][3][4][5][6]. The present paper proposes a completely anonymous CL-AGKA protocol without pairing. ...
Article
A group key agreement protocol is the primary requirement of several groupware applications like secure conferences, pay-per-view, etc., which require secure and authentic conversations among a group of participants via public networks. Protocols based on certificateless public key cryptography (CL-PKC) are in demand because they overcome the complex certificate management of traditional public key cryptography, as well as the key escrow problem of identity-based cryptography. Several group applications often need user anonymity as well, along with their security features. However, in the current literature only a few group key agreement protocols are available which support user anonymity. Further, almost all GKA protocols based on CL-PKC employ bilinear pairing in their operations. The expensive computation of pairing motivates researchers to propose pairing-free protocols based on CL-PKC. The present paper proposes a pairing-free certificateless group key agreement protocol that meets the efficiency, authenticity, and strong security requirements with complete anonymity. The formal security validation of the proposed protocol has been done by using the automated validation of internet security protocols and applications tool, which shows that it is unforgeable against the various attacks. The proposed protocol has performance comparable to other existing protocols in terms of computation and communication overheads.
... In order to construct all primitive Pythagorean triples (a, b, c) with a, c odd and b even are obtained by switching a, b. The tree of primitive Pythagorean triples (a, b, c) with a, c odd and b even is constructed to the triple (3,4,5), then to (3, 4, 5) = (5,12,13), etc, so that each branching of the tree has 3 limbs. The first few branches of the tree are given in ...
... Their feature provides a practical solution for group key update when members go offline from time to time. It also improves the LKH method in many aspects, such as the number of secret auxiliary keys held by each member, the way of handling off-line members, etc. Jikai Teng and Chuankun [5] proposed a security model for a certificateless group key agreement protocol and a constant-round group key agreement protocol based on CL-PKC. It does not involve any signature scheme, which increases the efficiency of the protocol. ...
... However, the main limitation of Bayat et al.'s scheme is high computational overhead. Even then many key distribution schemes have been proposed [17][18][19][20][21][22], but the user's privacy is not considered in these schemes. Moreover, the existing schemes have high computational cost during secure key distribution in VANETs. ...
... This section consists of evaluating the computational cost of the proposed scheme against the existing works proposed by Lu et al. [19], Du et al. [20], Xiaozhuo et al. [21] and Teng [22] in the literature. In the proposed key distribution scheme, the computation cost is calculated based on the total time taken by a vehicle or an RSU in order to receive the necessary group key from TA. ...
Article
The incorporation of electronics by embedding the relevant sensors in the physical devices in home and office, vehicles of all types, buildings in the smart cities and in all possible spheres of life forms a network of devices termed the internet of things (IoT). It is being realized that vehicular ad-hoc networks (VANETs), which are responsible for reliable and secure communication among vehicles, are a primary area of research in IoT and hence ensuring security in this area is essential. Thus, this work introduces a novel approach to improve the existing authentication support for VANETs. In this proposed framework, first an anonymous authentication approach for preserving privacy is proposed which not only performs the vehicle user’s anonymous authentication but preserves the message integrity of the transmitted messages as well. Although many anonymous authentication schemes have been proposed for VANETs until now, the existing schemes suffer from a high computation cost during the signature and certificate verification process which leads to delayed authentication. Consequently, the vehicles and roadside units (RSUs) cannot authenticate more vehicles per second in VANETs. Second, an efficient anonymous group key distribution protocol is proposed in this paper for securely distributing the group key to the group of vehicles in the communication range of an RSU. The RSUs can send location-based information to the group of vehicles in a secure manner using this group key. Experimental analysis portrays that the results of this new privacy-preserving anonymous authentication and key management scheme are promising and efficient with regard to signature verification cost and computational cost in comparison with the existing schemes.
... is the participants in a session $\mathrm{sid}_i^t$; $\mathrm{acc}_i^t$: a 0/1-valued variable set by $\Pi_i^t$; it equals 1 if the instance terminates normally, and equals 0 otherwise. To accommodate the self-certified cryptosystem, we modify the security model in [26] according to Teng's model [27]. In our model, an adversary A has full control of the network. ...
... few years, several group key agreement (GKA) studies have been published [1][2][3][4][5][6][7][8][9][10][11]. GKA is designed to enable many participants to interact with each other over an open network using a shared secret key. ...
Article
Group key agreements (GKA) enable a group of sensor nodes in wireless sensor networks (WSNs) to negotiate a common secret key and to establish a secure communication channel using this secret key. Due to hardware limitations, sensor nodes cannot perform heavy computations. Therefore, lightweight authentication schemes for GKA are required in WSNs. This study presents a novel lightweight identity-based round-efficient GKA scheme for WSNs, which is designed using extended chaotic maps and does not require a trusted authentication server online. Furthermore, based on the proposed GKA scheme, an extended scheme with perfect forward secrecy is developed using the extended chaotic map-based Diffie-Hellman key exchange. Both of the proposed schemes are not only more efficient than related schemes, but also provide more functionality.
... So far, multiple VANETs verification schemes based on CL-PKC have been proposed with the intention of providing conditional privacy. In 2012, Teng and Wu presented a security model for certificateless group key agreements [39]. Based on it, a constant-round CL-PKC group key agreement protocol for VANETs is designed. ...
Article
As the crucial component of the intelligent transportation system (ITS), vehicular ad hoc networks (VANETs) are capable of providing a variety of safety-related functionalities and commercial-oriented applications, which significantly improves the driving experience. Due to the foreseen impact of VANETs, extensive research in both academia and industry has been carried out, emphasizing effective VANET implementations. In practical VANET scenarios with open wireless communication characteristics, enhanced security strategies should be deployed in order to guarantee transmission safety. Moreover, an individual vehicle needs to perform a pre-defined authentication process on all the acquired messages, some of which may be generated by abnormal devices or malicious attackers. In this case, with large amounts of anomalous messages to be authenticated during a relatively short time period, a denial of service (DoS) attack is possible. Note that the vehicle has limited computation capability and restrained storage. In this paper, we address the above issues by developing a secure and efficient authentication scheme with unsupervised anomaly detection. In our design, a certificateless authentication technique is deployed for conditional privacy preserving, along with the Chinese remainder theorem (CRT) for efficient group key distribution and dynamic updating. Subsequently, the corresponding unsupervised anomaly detection method is illustrated, which applies dynamic time warping (DTW) for distance measurement. The proposed method could remarkably alleviate unnecessary authentication burden on the vehicle side. DoS attacks can also be prevented in this way. Furthermore, the anomaly detection method is conducted by the involved RSUs, while the contents of the processed traffic flows are kept secret from the RSUs during the entire process. Security analysis shows that our scheme can achieve the desired security properties. Additionally, performance analysis demonstrates that our design is efficient compared with the state of the art.
... In order to avoid problems derived from the use of certificates, both Identity-Based Public Key Cryptography (ID-PKC) [22,23] and Certificateless Public Key Cryptography (CL-PKC) [24,25] do not use a certificate to prove the relationship between the users' identities and their public keys. In the schemes for ID-PKC and CL-PKC, users just use their public information as their public keys, such as phone numbers or e-mail addresses and thus the verification of a public key is intuitive. ...
Article
Real-time online communication technology has become increasingly important in modern business applications. It allows people to easily connect with business partners over the Internet through the camera lens on digital devices. However, despite the fact that users can identify and confirm the identity of the person in front of the camera, they cannot verify the authenticity of messages between communication partners. It is because the tunnel for the video is not the same as the tunnel that delivers the messages. To protect confidential messages, it is essential to establish a secure communication channel between users. This paper proposes a biometrics-based RSA cryptosystem to secure real-time communication in business. The idea put forward is to generate a cryptographic public key based on a user’s biometric information without using Public Key Infrastructure (PKI) and establish a secured channel in a public network. In such a way, the key must be verified with the user’s biometrics online. Since the key is derived from the user’s biometrics, it is strongly user-dependent and works well to convince others of the authenticity of the owner. Additionally, the derived biometric key is self-certified with the user’s biometrics, which means the cost of certificate storage, delivery and revocation can be significantly reduced.
... In 1999, Seo et al. [32] proposed an authenticated key agreement protocol, which is used to establish a common session key between two authenticated entities. More and more authenticated group key agreement protocols have been proposed since 2000 [2,4,15,16,18,25,27,28,34,[36][37][38]49], which means that security and privacy protection for group communication over the open network has been a concern in recent years. An authenticated group key agreement can ensure that participants communicate with each other in a group securely through open channels. ...
Article
A group key agreement protocol can establish a secret key shared among some participants for secure group-oriented applications. Many authenticated group key agreement protocols have been proposed, but some of them cannot provide user anonymity. Xiao et al. (Inf Sci 177:1136–1142, 2007) proposed an improved key agreement protocol based on chaotic maps with only a predetermined long-term key to ensure security. Guo and Zhang (Inf Sci 180:4069–4074, 2010) proposed a group key agreement protocol based on a chaotic hash function, but Yoon et al. recently pointed out that Guo et al.’s protocol is vulnerable to off-line password guessing attack, stolen-verifier attack, and reflection attack. In this paper, we propose an authenticated group key agreement protocol with user anonymity based on Chebyshev chaotic maps to resist the above attacks and achieve the following properties with better performance: (i) it is suitable for multi-server and mobile environments; (ii) it achieves contributory group key agreement with user authentication; (iii) it provides mutual authentication, explicit key authentication, key confirmation, forward secrecy, and group key updating; (iv) user anonymity can simultaneously be preserved in the group key agreement procedure, which implies that the identities of all participants are anonymous to outsiders; (v) no public key certificates are used, which implies that the authenticity of public keys is implicitly verified; (vi) it can also resist password guessing and stolen-verifier attacks.
... One of the main topics of a fresh protocol is how to enhance the safety of the session key. Several previous protocols [20][21][22] have achieved authentication by aggregate signature, which denotes that the protocol signs for n participants with n different messages separately. Thereafter these n signatures are assembled to construct an aggregate signature, and the confirmer only needs to authenticate this aggregate signature to verify whether these signatures came from these specific n participants. ...
Article
More than two participants implement communication over the network at the same time, aiming to establish a common session key, and this is named group session communication. Nowadays, many researchers lay emphasis on achieving a perfect group key agreement protocol in order to resist various attacks and complete mutual authentication between every two parties among them. Actually, investigators have overlooked an important issue called insider attack, in which the inner participants could disclose the source of the messages to outside parties. Therefore, in this paper, we present a novel group key agreement protocol with deniable authentication to resist insider attack. After achieving the process of deniable authentication, the group participants are unable to reveal the source of the messages to another party because any subgroup of participants can still simulate the whole transcript process. Meanwhile, our protocol is based on a chaotic maps algorithm, which enhances the calculation efficiency and successfully realizes the goal of privacy protection.
... Considering some protocols based on CL-PKC [2]–[6], [8], [9], algorithms named Setup, Partial-Private-Key-Extract, Set-Secret-Value, Set-Private-Key, and Set-Public-Key are usually defined in the initial phase, which have similar function but different implementation in different protocols. In addition, a Key Agreement Protocol is usually designed as the final part of each protocol. ...
Article
Established in self-organized mode between mobile terminals (MT), mobile Ad Hoc networks are characterized by a fast change of network topology, limited power dissipation of network node, limited network bandwidth and poor security of the network. Therefore, this paper proposes an efficient one round certificateless authenticated group key agreement (OR-CLAGKA) protocol to satisfy the security demand of mobile Ad Hoc networks. Based on elliptic curve public key cryptography (ECC), OR-CLAGKA protocol utilizes the assumption of elliptic curve discrete logarithm problems (ECDLP) to guarantee its security. In contrast with those certificateless authenticated group key agreement (GKA) protocols, OR-CLAGKA protocol can reduce protocol data interaction between group users and it is based on efficient ECC public key infrastructure without calculating bilinear pairings, which involves negligible computational overhead. Thus, it is particularly suitable to deploy OR-CLAGKA protocol on MT devices because of its limited computation capacity and power consumption. Also, under the premise of keeping the forward and backward security, OR-CLAGKA protocol has achieved appropriate optimization to improve the performance of Ad Hoc networks in terms of frequent communication interrupt and reconnection. In addition, it has reduced executive overheads of key agreement protocol to make the protocol more suitable for mobile Ad Hoc network applications. © 2016 The Institute of Electronics, Information and Communication Engineers.
... In 2011, Mokhtarnameh et al. [12] employed an alternative key generation technique to propose an enhanced CL-KA protocol. Considering group-oriented applications, some researchers [4,9,19] are also devoted to the design of certificateless group key agreement (CL-GKA) protocols. ...
Article
Two-party key agreement protocol allows two communication parties to share a common key for secure communication. Constructed from the certificateless public key cryptography (CL-PKC), a certificateless key agreement (CL-KA) protocol can not only solve the key escrow problem inherited from identity-based systems, but also avoid the troublesome issue of certificate management. Although the topic of two-party CL-KA has been extensively studied during past few years, it is unknown whether such a protocol can be achieved with only one exchanged message. In this paper, we put this idea into practice and propose a new one-round CL-KA for two-party. Specifically, each party of the proposed protocol only has to transmit one group element for sharing a session key and still maintains low computational costs. Moreover, we analyze the security of our scheme in the extended Canetti-Krawzcyk (eCK) security model. © 2016, Kauno Technologijos Universitetas. All rights reserved.
... n: total number of participants (n − 1 subscribers with a broadcaster). Pairings: number of bilinear pairing computations needed in the key agreement process (zero in the case of our proposal).

(row label not in excerpt)   2n + 2   n    4n       n
Choi et al. [15]             O(n)     0    O(n)     O(n)
Teng et al. [22]             O(n)     0    O(n^2)   O(n^2)
Hu et al. [23]               n + 4    3n   4        O(n)
Proposed Protocol            6n       0    0        n ...
Conference Paper
Pay-TV is one of the challenging home applications, where a TV program is delivered to a group of customers. The broadcaster of the Pay-TV system needs to assure that only legitimate subscribers/customers can watch the subscribed TV program. To deliver a TV program confidentially to its subscribers, the broadcaster may encrypt the program with a group key shared by all subscribers. Thus the Pay-TV system often requires a group key establishment protocol to establish a symmetric key among all the subscribers subscribing to a particular program. The group key agreement protocols for Pay-TV systems presented so far require bilinear pairing computations, which create a big overhead for subscribers, especially in wireless environments. A protocol is suitable for a Pay-TV system only when most of the computational load is shifted to the broadcaster rather than the subscribers, because the subscribers may have fewer computational resources than the broadcaster. The present paper proposes an ID-based group key agreement protocol suitable for the Pay-TV system without using bilinear pairing. The proposed protocol also has efficient join and leave procedures to allow dynamic subscriptions with forward and backward secrecy. Moreover, the security of the proposed protocol is justified with respect to the necessary security attributes. Finally, the performance of the proposed protocol has been compared with some other existing protocols, which shows that the proposed protocol has comparable communication and computation cost with zero pairing computation.
... It provides better AKE security and can tolerate up to n-2 attackers for weak MA-security. Jan Camenisch et al. [20] proposed the need of Private Credentials in Electronic Identities. It does not involve issuers during authentication. ...
Conference Paper
Technology is advancing day-to-day. For a better and faster technology, information security is a must. This requires data authentication at the execution levels. Cryptography is a useful tool through which secure data independency can be established. It uses two basic operations namely encryption and decryption for secure data communication. A large number of cryptographic techniques have been proposed and implemented so far. In this paper, we have surveyed some of the proposed mechanisms based on Symmetric Key Cryptography and have made a basic comparison study among them. The basic features, advantages, drawbacks and applications of various Symmetric Key Cryptography algorithms have been mentioned in this paper.
... This is usually the case in big deployments of PKI. Certificate-less cryptography (CL-PKC) [12] is an interesting alternative to traditional PKI. It makes use of identities, which are users' public keys formed of arbitrary strings, in place of certificates. ...
Article
In recent years, mobile technology has experienced a great increase in the number of its users. The GSM architecture provides different security features like authentication, data/signaling confidentiality and secrecy of the user, yet the channel is susceptible to replay and interleaving. It always remains relevant, as it is important in all types of application. Global System for Mobile (GSM) communications has become the most popular standard for digital cellular communication. The GSM security system depends on encryption, authentication algorithms and information from the SIM card. In this research paper, we propose the design and implementation of a new authentication scheme using certificate-less public key cryptography (CL-PKC) over the GSM system, omitting some system detail. In this research paper, we also describe the GSM system and its security, and public key cryptography with a focus on CL-PKC; CL-PKC is a simple, useful and robust security scheme designed and implemented over GSM. Our approach is more efficient than other competing topologies. We address the GSM problem in the A3 algorithm, such as eavesdropping; this problem is solved by CL-PKC because of its robustness against this type of attack, and by providing mutual authentication it makes the system more secure.
... Although the process consists of two rounds, in each round, communication with the leader is required. The protocol proposed in [22] is based on identities and does not require certificates. The protocol starts by each member choosing a random number and sending it to other members. ...
Article
Several multiparty systems supporting group-based and cloud-based applications have been proposed in the context of smart grid. An important requirement of these systems is that the devices/parties need to communicate with each other as members of a group. In this paper, we present an efficient group key (GK) management scheme aimed at securing the group communications, for instance, from the utility to appliances and smart meters located in different homes. Our scheme is based on the X.1035 password-authenticated key exchange protocol standard and also follows the cluster-based approach to reduce the costs of the GK construction and maintenance for large groups. Our protocol enables secure communications utilizing any communication technology. Analysis using one of the best evaluation tools in the technical community shows that our constructed GK is valid and secure against well-known attacks. We also show that the proposed scheme supports forward and backward secrecy and is more efficient in comparison with other GK mechanisms in the literature. Copyright © 2013 John Wiley & Sons, Ltd.
Book
Full-text available
Actas de las Jornadas Nacionales de Investigación en Ciberseguridad (JNIC) 2015
Conference Paper
Unmanned aerial vehicle (UAV) fleets are the focus of various nations nowadays. Thus, it is expected to witness an explosion of reliability- and safety-critical UAV-based applications. Moreover, the recent surge of research on applied artificial intelligence and the industry advancement encourage the use of cooperative UAV fleets that offer potential collaborations even between UAVs from different organizations. The untrusted nature of the operation environments, in addition to the high level of criticality of such applications, requires stringent secure protocols. There have been several security protocol proposals to ensure authentication, confidentiality and integrity, yet the overhead generated by these solutions and their impact on performance still severely hamper UAV endurance. In this paper, we propose to tackle the problem of secure communications within dynamic UAV fleets in open public networks using a pairing-free Certificateless Authenticated Group Key Agreement (CL-AGKA) scheme with constant rounds that meets efficiency and strong security. The formal security validation of the proposed protocol has been done using the Automated Validation of Internet Security Protocols and Applications tool (AVISPA). The aforementioned tool revealed that the proposed protocol is resilient against several attacks. More importantly, the computation cost has been significantly reduced thanks to the elimination of the expensive pairing operations and to the integration of the signature scheme into the key agreement to build one efficient algorithm.
Article
A novel one-round authenticated group key agreement (CL-AGKA) protocol is devised in this paper on certificateless public key cryptography. Our CL-AGKA protocol abolishes the certificate management burden existing in certificate authority-based public key cryptography and the private-key escrow problem occurring in identity-based cryptography. Our CL-AGKA protocol is designed to establish an authenticated group session key among group participants by ensuring that the session key is not revealed to any outsiders. The proposed CL-AGKA protocol is given a security model in the computational model, called the random oracle model. It is formally examined that our CL-AGKA protocol achieves strong authenticated key exchange security and is thus provably secure in the random oracle model. The security of the designed protocol is achieved under the intractability assumptions of the computational Diffie–Hellman problem and the bilinear Diffie–Hellman problem. In addition, the proposed CL-AGKA protocol offers low message exchange cost and computational cost compared with the related group key agreement protocols.
Article
In distributed ad hoc sensor networks, scalable group key agreement protocols play an important role. They are designed to provide a group of users with a shared secret key such that the users can securely communicate with each other over a public network. In most previous group key agreement protocols, the number of messages sent by all users increases with the number of participants. In this paper, a dynamic authenticated group key agreement protocol is presented using pairing for ad hoc networks. In the Join algorithm, the number of transmitted messages does not increase with the number of group members, which makes the protocol more practical. The protocol is provably secure. Its security is proved under the Decisional Bilinear Diffie-Hellman assumption. The protocol also provides many other security attributes.
Article
In group key exchange (GKE) protocols, a shared secret key is established among a group of members for cryptographic use over a public network. An identity-based protocol is preferred to that under the employment of traditional public key infrastructure (PKI), since identity-based cryptosystem can simplify public key management procedure. In ASIACCS 2011, a security model for GKE protocol called EGBG model was proposed. The EGBG model takes ephemeral secret key leakage attack into consideration. Until now, there is no ID-based GKE protocol secure in the EGBG model. In this paper, we propose an identity-based GKE protocol. Its AKE-security with KCIR and full forward secrecy, MA-security with KCIR and its contributiveness are proven in the EGBG model. The proposed protocol does not involve NAXOS trick, which does not resist side channel attack and thus it provides stronger security guarantee. It achieves mutual authentication without applying signature, which makes the protocol more practical.
Article
In Eurocrypt 2009, Wu et al. introduced the notion of asymmetric group key agreement (ASGKA) and presented a generic construction of ASGKA protocols with one communication round. Most of ASGKA protocols are designed under that generic construction. In asymmetric group key agreement protocols, users obtain different decryption keys. Any subset of group members may collude to construct pirate decryption keys, which are different from those of colluders but can correctly decrypt ciphertexts. If a pirate decryption box is found, it is possible to find traitors since their decryption keys are related to their identities. In this paper, a collusion attack on the generic construction of ASGKA by Wu et al. is proposed. It is formally proved that each of colluders participating in the proposed collusion attack is unable to be traced. The attack is additionally applied to a concrete protocol to exemplify the collusion attack. Copyright © 2014 John Wiley & Sons, Ltd.
Article
A recent primitive known as asymmetric group key agreement (AGKA) allows a group of users to negotiate a common encryption key which is accessible to any entities and corresponds to different decryption keys, each of which is only computable by one group member. This concept makes it easy to construct distributed and one-round group key agreement protocols. However, this existing instantiation depends on public key infrastructure (PKI) associated with certificate management, or it is only secure against passive adversaries. This paper addresses this concern by designing a certificateless authenticated AGKA scheme, which does not require certificates to guarantee the authenticity of public keys yet avoids the inherent escrow problem of identity-based cryptosystems. Using simple binding techniques, the proposed scheme can be raised to the same trust level as that using the traditional PKI. We show that the proposed protocol is secure provided that the underlying k-bilinear Diffie-Hellman exponent problem is hard.
Article
Full-text available
An efficient and optimized secure group communication plays a vital role in many emergency communications. The operations of a group key management protocol, like joining or leaving the group dynamically and rekeying the group key when changes happen in the group, are performed in many protocols. In the proposed system, a trust node is elected and a contributory group key is generated using the 24-bit color values (RGB), which provides secure communication of messages among the group members in the dynamic environment through Diffie-Hellman key exchange. The proposed system also reduces the cost of rekeying the group key when the mobility of the nodes increases. It was simulated to analyze the various issues related to group key management protocols, like reliability, cost of contracting the group key when members join or leave the group dynamically, membership duration on rekeying overhead, and inter-move variation on decryption/re-encryption overhead with member arrival duration. The above parameters are analyzed with respect to various other group key generation protocols and results are produced. The proposed system provides an optimized secure group key generation protocol for MANETs.
Article
Full-text available
Secure group communication in Mobile Ad-Hoc Networks is challenging due to the mobility and the limitations in computational and battery power of the nodes. This can be achieved by a multicast routing protocol that ensures security through key management schemes. In this paper we propose an energy-efficient multicast routing protocol to establish the group in MANETs. In order to preserve security in data transmission, a transitive signature scheme is introduced to enhance the security among the group nodes. The nodes may join/leave the group dynamically. To achieve this, the rekeying operation is performed for every change that happens in the group. The performance analysis of computational and communication cost is done by varying group size and energy level of the nodes. This scheme results in low computational cost with respect to other protocols.
Conference Paper
Full-text available
An important and popular trend in modern computing is to convert traditional centralized services into distributed services spread across multiple systems and networks. One-way function trees can be used to extend two-party Key Agreement protocols to n-party protocols. Tree-based Group Diffie-Hellman [17] is one such protocol. This paper proposes the first Identity based Group Key Agreement protocol by extending the Identity based two-party Authenticated Key Agreement protocol [13] using the One-way function trees. A new function called the transformation function is defined, which is required in generating keys at any level from a lower level key in the key tree. The new protocol provides complete forward and backward secrecy. Authentication is implicit in this protocol, whereas it has to be explicitly dealt with in other Key Agreement protocols. ID-AGKA protocol is more advantageous for systems without a deployed PKI.
Conference Paper
Full-text available
Authenticated Diffie-Hellman key exchange allows two principals communicating over a public network, and each holding public/private keys, to agree on a shared secret value. In this paper we study the natural extension of this cryptographic problem to a group of principals. We begin from existing formal security models and refine them to incorporate major missing details (e.g., strong-corruption and concurrent sessions). Within this model we define the execution of a protocol for authenticated dynamic group Diffie-Hellman and show that it is provably secure under the decisional Diffie-Hellman assumption. Our security result holds in the standard model and thus provides better security guarantees than previously published results in the random oracle model.
Conference Paper
Full-text available
Dynamic group Diffie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to work in a scenario in which the group membership is not known in advance but where parties may join and may also leave the multicast group at any given time. While several schemes have been proposed to deal with this scenario, no formal treatment for this cryptographic problem has ever been suggested. In this paper, we define a security model for this problem and use it to precisely define Authenticated Key Exchange (AKE) with “implicit” authentication as the fundamental goal, and the entity-authentication goal as well. We then define in this model the execution of a protocol modified from a dynamic group Diffie-Hellman scheme offered in the literature and prove its security.
Conference Paper
Full-text available
We present a provably secure tree based authenticated group key agreement protocol in dynamic scenario. Bilinear pairing and multi-signature are at the heart of our protocol. We prove that our protocol is provably secure in the standard security model of Bresson et al. An appropriate modification of Katz-Yung approach to tree based setting is adopted while proving its security against active adversaries. The protocol has an in-built hierarchical structure that makes it desirable for certain applications.
Article
Full-text available
We examine the popular proof models for group key establishment of Bresson et al. (BCPQ01, BCP01) and point out missing security properties addressing malicious protocol participants. We show that established group key establishment schemes from CRYPTO 2003 and ASIACRYPT 2004 do not fully meet these new requirements. Next to giving a formal definition of these extended security properties, we prove a variant of the explored proposal from ASIACRYPT 2004 secure in this stricter sense. Our proof builds on the Computational Diffie-Hellman (CDH) assumption and the random oracle model.
Article
We present an efficient authenticated group key agreement (AGKA) protocol in certificateless public key setting (CL-AGKA). The protocol only needs two communication rounds. In each protocol run, only four pairing computations are involved for each participant. The authentication in our protocol is realized using a signature scheme which is provably secure in the strongest security model for certificateless signature (CLS) schemes where the type I/II adversary is a super type I/II adversary. The security analysis shows our protocol satisfies Key authentication, Known session key security, Key compromise impersonation security, Perfect forward security, and Known session-specific temporary information security.
Article
As there is growth in the need for applications such as video conferencing and interactive chatting, secure group communication is an important research area. Security in these applications is necessary to provide services like privacy, data integrity, and non-repudiation to group members. A naive way to achieve security in such groups is to have a secret key among every node. This task is achieved by means of a contributory group key agreement protocol in which each member directly contributes to key management and generation. In 2007, Heo et al. [4] proposed a certificateless authenticated group key agreement (CAGKA) protocol. While their protocol provides efficient communication and computation complexity, it does not provide the (perfect) forward secrecy desired for a secure group key agreement protocol. In this paper, a certificateless authenticated group key agreement protocol is proposed based on CCEGK and EAGKA. The proposed protocol also satisfies security requirements and is suitable for dynamic membership events.
Article
Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of the computational Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds, so it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols, and most secret sharing schemes could be adopted to construct our protocol.