Open AccessGroup key exchange protocols withstanding ephemeral‐key reveals
Author(s) -
González Vasco Maria Isabel,
Pérez del Pozo Angel Luis,
Suárez Corona Adriana
Publication year - 2018
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2017.0131
Subject(s) - ephemeral key , key exchange , computer science , session key , computer security , key (lock) , oakley protocol , protocol (science) , authenticated key exchange , session (web analytics) , group key , diffie–hellman key exchange , computer network , public key cryptography , world wide web , encryption , medicine , alternative medicine , pathology
When a group key exchange protocol is executed, the session key is typically extracted from two types of secrets: long‐term keys (for authentication) and freshly generated (often random) values. The leakage of this latter so‐called ephemeral keys has been extensively analysed in the 2‐party case, yet very few works are concerned with it in the group setting. The authors provide a generic group key exchange construction that is strongly secure, meaning that the attacker is allowed to learn both long‐term and ephemeral keys (but not both from the same participant, as this would trivially disclose the session key). Their design can be seen as a compiler, in the sense that it builds on a 2‐party key exchange protocol which is strongly secure and transforms it into a strongly secure group key exchange protocol by adding only one extra round of communication. When applied to an existing 2‐party protocol from Bergsma et al ., the result is a 2‐round group key exchange protocol which is strongly secure in the standard model, thus yielding the first construction with this property.