Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Authenticated group key agreement and friends
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Provably authenticated group Diffie-Hellman key exchange
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Protocols for Key Establishment and Authentication
Protocols for Key Establishment and Authentication
Tree-based group key agreement
ACM Transactions on Information and System Security (TISSEC)
Group Key Agreement Efficient in Communication
IEEE Transactions on Computers
Asynchronous group key exchange with failures
Proceedings of the twenty-third annual ACM symposium on Principles of distributed computing
Modeling insider attacks on group key-exchange protocols
Proceedings of the 12th ACM conference on Computer and communications security
Secure group key establishment revisited
International Journal of Information Security
Securing group key exchange against strong corruptions
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Security arguments for the UM key agreement protocol in the NIST SP 800-56A standard
Proceedings of the 2008 ACM symposium on Information, computer and communications security
STACS'99 Proceedings of the 16th annual conference on Theoretical aspects of computer science
On security models and compilers for group key exchange protocols
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
A non-malleable group key exchange protocol robust against active insiders
ISC'06 Proceedings of the 9th international conference on Information Security
Examining indistinguishability-based proof models for key establishment protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Password-Based group key exchange in a constant number of rounds
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Password-Authenticated Group Key Agreement with Adaptive Security and Contributiveness
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
An insider-resistant group key exchange protocol without signatures
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Hi-index | 0.00 |
In Group Key Exchange (GKE) protocols, users usually extract the group key using some auxiliary (ephemeral) secret information generated during the execution. Strong corruptions are attacks by which an adversary can reveal these ephemeral secrets, in addition to the possibly used long-lived keys. Undoubtedly, security impact of strong corruptions is serious, and thus specifying appropriate security requirements and designing secure GKE protocols appears an interesting yet challenging task – the aim of our article. We start by investigating the current setting of strong corruptions and derive some refinements like opening attacks that allow to reveal ephemeral secrets of users without their long-lived keys. This allows to consider even stronger attacks against honest, but 'opened' users. Further, we define strong security goals for GKE protocols in the presence of such powerful adversaries and propose a 3-round GKE protocol, named TDH1, which remains immune to their attacks under standard cryptographic assumptions. Our security definitions allow adversaries to register users and specify their long-lived keys, thus, in particular capture attacks of malicious insiders for the appropriate security goals such as Mutual Authentication, key confirmation, contributiveness, key control and key-replication resilience.