On the impossibility of building secure cliques-type authenticated group key agreement protocols

Authors:
Olivier Pereira;Jean-Jacques Quisquater
Affiliations:
UCL Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium and Belgain National Funds for Scientific Research (FNRS);UCL Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium
Venue:
Journal of Computer Security - Special issue on CSFW17
Year:
2006

Citing 12
Cited 3

Efficient and timely mutual authentication

ACM SIGOPS Operating Systems Review
A lesson on authentication protocol design

ACM SIGOPS Operating Systems Review
Authenticated group key agreement and friends

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Towards a completeness result for model checking of security protocols

Journal of Computer Security
Strand spaces: proving security protocols correct

Journal of Computer Security
Using encryption for authentication in large networks of computers

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
A Bound on Attacks on Authentication Protocols

TCS '02 Proceedings of the IFIP 17th World Computer Congress - TC1 Stream / 2nd IFIP International Conference on Theoretical Computer Science: Foundations of Information Technology in the Era of Networking and Mobile Computing
A Security Analysis of the Cliques Protocols Suites

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Some attacks upon authenticated group key agreement protocols

Journal of Computer Security - Special issue on CSFW14
Abstraction and Refinement in Protocol Derivation

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
New multiparty authentication services and key agreement protocols

IEEE Journal on Selected Areas in Communications

Proving Group Protocols Secure Against Eavesdroppers

IJCAR '08 Proceedings of the 4th international joint conference on Automated Reasoning
On the (im)possibility of perennial message recognition protocols without public-key cryptography

Proceedings of the 2011 ACM Symposium on Applied Computing
Protocol analysis in Maude-NPA using unification modulo homomorphic encryption

Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

The A-GDH.2 and SA-GDH.2 authenticated group key agreement protocols showed to be flawed in 2001. Even though the corresponding attacks (or some variants of them) have been rediscovered in several different frameworks, no fixed version of these protocols has been proposed until now.In this paper, we prove that it is in fact impossible to design a scalable authenticated group key agreement protocol based on the same design assumptions as the A-GDH ones. We proceed by providing a systematic way to derive an attack against any A-GDH-type protocol with at least four participants and exhibit protocols with two and three participants which we cannot break using our technique. As far as we know, this is the first generic insecurity result reported in the literature concerning authentication protocols.