
Research On The Provable Secure Group Key Agreement Protocol

Posted on: 2009-03-01
Degree: Doctor
Type: Dissertation
Country: China
Candidate: M H Zheng
GTID: 1118360275971075
Subject: Information security

Abstract/Summary:
Multicast, based on the UDP/IP protocol, is a group-oriented data transmission approach. Due to the popularity of group-oriented applications, such as distributed database servers, video/audio network conferencing, multi-player games, grid computing and collaborative workspaces, secure multicast communication has become very important. But the multicast communication protocol does not provide data access control mechanisms. As long as users know the multicast address of a specific service, they can join the communication group without being audited and obtain a copy of the data. So far, group key agreement protocols provide a basic approach that allows participants to establish a shared session key, which is then used to achieve data confidentiality, integrity and authentication. In a group key agreement protocol, all participants cooperatively establish the shared session key, and no participant can predetermine or calculate the session key. Many researchers have done much work on group key agreement protocols and have made great achievements. However, with the development of computer networks and applications, some issues in group key agreement have not been resolved effectively. It is necessary to do further research on these issues.

The BD protocol is a famous group key agreement protocol with two rounds of communication over a broadcast channel. Certainly, if the channel is authenticated, this protocol is secure against impersonators (outsiders). But the BD protocol is unable to withstand the disruption attack and the key-control attack of malicious participants in the group. These two attacks cause the other honest participants, respectively, to compute different session keys and to compute a fixed session key determined in advance by the malicious participants. Using digital signatures, a fault-tolerant group key agreement (FT-BD) protocol based on the BD protocol is proposed. Even if there are malicious participants trying to attack the establishment of a session key, all other honest participants following the proposed protocol are still able to compute the correct session key, and they need only two rounds of communication. The proposed protocol can withstand the passive attack of an adversary, and the interrupted attack and key-control attack from malicious participants.

Many researchers have done much work to transform the BD protocol into an authenticated one. But these current protocols are limited either by the use of Public Key Infrastructures (PKI), which need more computation overhead, or by their scalability, requiring a number of communication rounds linear in the number of group members. A password is one of the ideal authentication approaches for agreeing on a session key. Low-entropy passwords are easy for humans to remember but cannot guarantee the same level of security as high-entropy secrets such as symmetric or asymmetric keys, so a password-based group key agreement protocol could suffer from so-called dictionary attacks. Based on the improved BD protocol by Dutta et al., an efficient password-based authenticated group key agreement protocol is proposed using password-based encryption. The proposed protocol has many advantages, such as not requiring PKI support, resisting off-line dictionary attacks and needing only two rounds. Under the Decisional Diffie-Hellman assumption, we show that the proposed protocol is provably secure in both the ideal-cipher model and the random-oracle model.

In order to reduce computational complexity, Horng proposed a more efficient group key agreement protocol with three exponent operations. However, Horng's protocol is unable to withstand the sub-group dividing attack of malicious participants in the group. This attack means that, after a group key is agreed, honest participants can communicate with only some of the members rather than all of them. An improved version of Horng's protocol is proposed. The proposed protocol, which adds a message authentication method to the original protocol, can detect the malicious participant and start the key agreement again. Under the assumption of the decision Diffie-Hellman problem and the random oracle model, the proposed protocol is provably secure against the sub-group dividing attack.

The improved Horng's protocol is a non-authenticated group key agreement protocol that still requires an authenticated broadcast channel. An efficient and secure password-based group key agreement protocol in the static group setting is proposed by adding password-authentication services to the protocol proposed by Horng. In the proposed protocol, the legitimate users share only a low-entropy, human-memorable password and communicate over an insecure channel controlled by an active adversary, to agree upon a high-entropy session key among themselves. It is emphasized that the proposed protocol does not need any fixed PKI, and is efficient in terms of both computation and communication complexity. We incrementally define a sequence of experiments from the experiment. In each experiment, various adversary behaviors and environments are simulated, and the advantage of an adversary with respect to the agreed session key is measured using the difference in probability between successive experiments. The security analysis shows that the proposed protocol has semantic security under the MDDH assumption.
Keywords/Search Tags: Key establishment, Group key agreement, Password-based authentication, Provable security, Random oracle model