Key Agreement in Dynamic Peer Groups
IEEE Transactions on Parallel and Distributed Systems
Provably authenticated group Diffie-Hellman key exchange
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A Secure Audio Teleconference System
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Exploring Robustness in Group Key Agreement
ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Group Key Agreement Efficient in Communication
IEEE Transactions on Computers
Asynchronous group key exchange with failures
Proceedings of the twenty-third annual ACM symposium on Principles of distributed computing
Scalable Protocols for Authenticated Group Key Exchange
Journal of Cryptology
Survival in the Wild: Robust Group Key Agreement in Wide-Area Networks
Information Security and Cryptology --- ICISC 2008
Fully Robust Tree-Diffie-Hellman Group Key Exchange
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
An efficient fault-tolerant group key agreement protocol
Computer Communications
T-robust scalable group key exchange protocol with O(log n) complexity
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Hi-index | 0.00 |
A group key agreement protocol (GKA) allows a set of players to establish a shared secret key which can be used to secure a subsequent communication. Several efficient constant-round GKA's have been proposed. However, their performance degrades if some players fail during protocol execution. This is a problem in practice, e.g. for mobile nodes communicating over wireless media, which can loose connectivity during the protocol execution. Current constant-round GKA protocols are either efficient and non-robust or robust but not efficient: Assuming a reliable broadcast communication medium, the standard encryption-based group key agreement protocol can be robust against arbitrary number of node faults, but the size of the messages broadcast by every player is proportional to the number of players. In contrast, non-robust group key agreement can be achieved with each player broadcasting just constant-sized messages. We propose a novel 2-round group key agreement protocol which tolerates up to T node failures using O(T)-sized messages, for any T. To exemplify the usefulness of this flexible trade-off between message size and fault tolerance, we show that the new protocol implies a fully-robust group key agreement with O(log n)-sized messages and expected round complexity close to 2, assuming random node faults. The proposed protocol is secure under the (standard) Decisional Square Diffie-Hellman assumption.