Abstract
Two-party password-authenticated key exchange (2PAKE) protocols provide a natural mechanism for secret key establishment in distributed applications, and they have been extensively studied over the past decades. However, only a few efforts have been made so far to design password-authenticated group key exchange (GPAKE) protocols. In a 2PAKE or GPAKE protocol, it is assumed that short passwords are preshared among users. This assumption, however, would be impractical in certain applications. Motivated by this observation, this article presents a GPAKE protocol without the password sharing assumption. To obtain the passwords, wireless devices, such as smartphones, tablets, and laptops, are used to extract short secrets at the physical layer. Using the extracted secrets, users in our protocol can establish a group key at higher layers with light computational cost. Thus, our GPAKE protocol is a cross-layer design. Additionally, our protocol is a compiler; that is, it can transform any provably secure 2PAKE protocol into a GPAKE protocol with only one more round of communication. The proposed protocol is also proved secure in the standard model.