Paper 2016/1166
Group key exchange protocols withstanding ephemeral-key reveals
Maria Isabel Gonzalez Vasco, Angel L. Perez del Pozo, and Adriana Suarez Corona
Abstract
When a group key exchange protocol is executed, the session key is typically extracted from two types of secrets; long-term keys (for authentication) and freshly generated (often random) values. The leakage of this latter so-called ephemeral keys has been extensively analyzed in the 2-party case, yet very few works are concerned with it in the group setting. We provide a generic {group key exchange} construction that is strongly secure, meaning that the attacker is allowed to learn both long-term and ephemeral keys (but not both from the same participant, as this would trivially disclose the session key). Our design can be seen as a compiler, in the sense that it builds on a 2-party key exchange protocol which is strongly secure and transforms it into a strongly secure group key exchange protocol by adding only one extra round of communication. When applied to an existing 2-party protocol from Bergsma et al., the result is a 2-round group key exchange protocol which is strongly secure in the standard model, thus yielding the first construction with this property.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- Group Key AgreementStrong SecurityEphemeral KeysCompiler
- Contact author(s)
- mariaisabel vasco @ urjc es
- History
- 2016-12-28: received
- Short URL
- https://ia.cr/2016/1166
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/1166,
author = {Maria Isabel Gonzalez Vasco and Angel L. Perez del Pozo and Adriana Suarez Corona},
title = {Group key exchange protocols withstanding ephemeral-key reveals},
howpublished = {Cryptology {ePrint} Archive, Paper 2016/1166},
year = {2016},
url = {https://eprint.iacr.org/2016/1166}
}
