Flexible group key exchange with on-demand computation of subgroup keys
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
We enrich the classical notion of group key exchange (GKE) protocols by a new property that allows each pair of users to derive an independent peer-to-peer (p2p) key on demand and without any subsequent communication; this is in addition to the classical group key shared amongst all the users. We show that GKE protocols enriched in this way impose new security challenges concerning the secrecy and independence of both key types. Special attention should be paid to possible collusion attacks aiming to break the secrecy of p2p keys possibly established between any two non-colluding users. In our constructions we utilize the well-known parallel Diffie-Hellman key exchange (PDHKE) technique, in which each party uses the same exponent for the computation of p2p keys with its peers. First, we consider PDHKE in GKE protocols where parties securely transport their secrets for the establishment of the group key. For this we use an efficient multi-recipient ElGamal encryption scheme. Further, based on PDHKE we design a generic compiler for GKE protocols that extend the classical Diffie-Hellman method. Finally, we investigate possible optimizations of these protocols allowing parties to re-use their exponents to compute both group and p2p keys, and show that not all such GKE protocols can be optimized.
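The PDHKE idea named in the abstract, sketched as an added example (not the paper's protocol or code): each party publishes one Diffie-Hellman value and later derives a key with any peer locally, with no further messages. The toy group, the `Party` class, the SHA-256 derivation and the identity binding are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy parameters, assumed for the demonstration only: P is the Mersenne prime
# 2^127 - 1, which is far too small and not a safe prime. Use a standardized
# group or curve in practice.
P = 2**127 - 1
G = 3

class Party:
    def __init__(self, name):
        self.name = name
        # One exponent, reused for the p2p keys with every peer (the PDHKE idea).
        self._x = secrets.randbelow(P - 3) + 2      # uniform in [2, P-2]
        self.public = pow(G, self._x, P)            # broadcast once

    def p2p_key(self, peer_name, peer_public):
        """Derive the pairwise key on demand from a stored public value."""
        # Reject degenerate values that would force a predictable shared secret.
        if not 1 < peer_public < P - 1:
            raise ValueError("degenerate public value")
        shared = pow(peer_public, self._x, P)
        # Bind both identities in a fixed order so each side hashes the same
        # input and keys for different pairs come from different inputs.
        lo, hi = sorted([self.name, peer_name])
        material = f"p2p|{lo}|{hi}|".encode() + shared.to_bytes(16, "big")
        return hashlib.sha256(material).digest()

def run_session(names):
    """One broadcast round: every party publishes its value once."""
    parties = {n: Party(n) for n in names}
    directory = {n: p.public for n, p in parties.items()}
    return parties, directory

def all_pair_keys(parties, directory):
    """Keys as computed locally by each side, with no further communication."""
    return {(a, b): parties[a].p2p_key(b, directory[b])
            for a in parties for b in parties if a != b}

if __name__ == "__main__":
    parties, directory = run_session(["alice", "bob", "carol"])
    keys = all_pair_keys(parties, directory)
    print(keys[("alice", "bob")] == keys[("bob", "alice")])   # both sides agree
```

The code shows key agreement and per-pair separation only; secrecy of the alice-bob key against a colluding carol rests on the Diffie-Hellman assumption in the chosen group and on the public values being authenticated, neither of which this sketch provides.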