Skip to main content
SpringerLink
Log in

UC-secure and Contributory Password-Authenticated Group Key Exchange

  • Conference paper
  • First Online:
Progress in Cryptology – INDOCRYPT 2016 (INDOCRYPT 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10095))

Included in the following conference series:

  • 702 Accesses

Abstract

The contributory property allows participants of group key exchange fairly to engage in the generation of the random session key rather than an entity or some part of members solely to determinate it or force it to lie in an undesired distribution. In this paper, we put forth a password-authenticated group key exchange (GPAKE) in which principals cooperate to agree a strong session key just in possession of a short password. The scheme realizes the optimality of contributory property—full-contributiveness—as long as there is one honest party, the uniform distribution of final session keys can be guaranteed. Moreover, it reaches the security definitions in the well-known universal composability (UC) framework under the random oracle model based on the one-more gap Diffie-Hellman assumption. In particular, our scheme that achieves these results with only two-round messages, has better performances on round complexity in comparison with the existing UC-secure schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abdalla, M., Bresson, E., Chevassut, O., Pointcheval, D.: Password-based group key exchange in a constant number of rounds. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 427–442. Springer, Heidelberg (2006). doi:10.1007/11745853_28

    Chapter  Google Scholar 

  2. Abdalla, M., Catalano, D., Chevalier, C., Pointcheval, D.: Password-authenticated group key agreement with adaptive security and contributiveness. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 254–271. Springer, Heidelberg (2009). doi:10.1007/978-3-642-02384-2_16

    Chapter  Google Scholar 

  3. Abdalla, M., Chevalier, C., Granboulan, L., Pointcheval, D.: Contributory password-authenticated group key exchange with join capability. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 142–160. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19074-2_11

    Chapter  Google Scholar 

  4. Abdalla, M., Pointcheval, D.: A scalable password-based group key exchange protocol in the standard model. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 332–347. Springer, Heidelberg (2006). doi:10.1007/11935230_22

    Chapter  Google Scholar 

  5. Barak, B., Canetti, R., Lindell, Y., Pass, R., Rabin, T.: Secure computation without authentication. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 361–377. Springer, Heidelberg (2005). doi:10.1007/11535218_22

    Chapter  Google Scholar 

  6. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). doi:10.1007/3-540-45539-6_11

    Chapter  Google Scholar 

  7. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM (1993)

    Google Scholar 

  8. Boyd, C., Nieto, J.M.G.: Round-optimal contributory conference key agreement. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 161–174. Springer, Heidelberg (2003). doi:10.1007/3-540-36288-6_12

    Chapter  Google Scholar 

  9. Bresson, E., Chevassut, O., Pointcheval, D.: Group Diffie-Hellman key exchange secure against dictionary attacks. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 497–514. Springer, Heidelberg (2002). doi:10.1007/3-540-36178-2_31

    Chapter  Google Scholar 

  10. Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group Diffie-Hellman key exchange. In: Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 255–264. ACM (2001)

    Google Scholar 

  11. Camenisch, J., Kiayias, A., Yung, M.: On the portability of generalized Schnorr proofs. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 425–442. Springer, Heidelberg (2009). doi:10.1007/978-3-642-01001-9_25

    Chapter  Google Scholar 

  12. Camenisch, J., Lehmann, A., Neven, G.: Optimal Distributed Password Verification. In: Proceedings of the 22nd ACM Conference on Computer and Communications Security, pp. 182–194. ACM (2015)

    Google Scholar 

  13. Camenisch, J., Shoup, V.: Practical verifiable encryption and decryption of discrete logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45146-4_8

    Chapter  Google Scholar 

  14. Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997). doi:10.1007/BFb0052252

    Chapter  Google Scholar 

  15. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd IEEE Symposium on Foundations of Computer Science, pp. 136–145. IEEE (2001)

    Google Scholar 

  16. Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally composable password-based key exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404–421. Springer, Heidelberg (2005). doi:10.1007/11426639_24

    Chapter  Google Scholar 

  17. Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally Composable Two-party and Multi-party Secure Computation. In: Proceedings of the Thirty-fourth Annual ACM Symposium on Theory of Computing, pp. 494–503. ACM (2002)

    Google Scholar 

  18. Canetti, R., Rabin, T.: Universal composition with joint state. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 265–281. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45146-4_16

    Chapter  Google Scholar 

  19. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). doi:10.1007/3-540-47721-7_12

    Google Scholar 

  20. Hofheinz, D., Müller-Quade, J.: Universally composable commitments using random oracles. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 58–76. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24638-1_4

    Chapter  Google Scholar 

  21. Jarecki, S., Kiayias, A., Krawczyk, H., Xu, J.: Highly-efficient and composable password-protected secret sharing (or: how to protect your bitcoin wallet online). In: 2016 IEEE European Symposium on Security and Privacy, pp. 276–291 (2016)

    Google Scholar 

  22. Jarecki, S., Kiayias, A., Krawczyk, H.: Round-optimal password-protected secret sharing and T-PAKE in the password-only model. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 233–253. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45608-8_13

    Google Scholar 

  23. Katz, J., Shin, J.S.: Modeling insider attacks on group key-exchange protocols. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 180–189. ACM (2005)

    Google Scholar 

  24. Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45146-4_7

    Chapter  Google Scholar 

  25. Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002). doi:10.1007/3-540-45708-9_3

    Chapter  Google Scholar 

  26. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). doi:10.1007/3-540-48910-X_16

    Google Scholar 

  27. Xu, J., Hu, X.-X., Zhang, Z.-F.: Round-optimal password-based group key exchange protocols in the standard model. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 42–61. Springer, Heidelberg (2015). doi:10.1007/978-3-319-28166-7_3

    Chapter  Google Scholar 

Download references

Acknowledgement

We would like to thank the anonymous reviewers for their beneficial comments. This work is supported by the National Natural Science Foundation of China (No. U1536205, 61170278) and the National Basic Research Program of China (No.2013CB338003).

Author information

Authors and Affiliations

  1. Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing, China

    Lin Zhang & Zhenfeng Zhang

Authors
  1. Lin Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhenfeng Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zhenfeng Zhang .

Editor information

Editors and Affiliations

  1. University of Haifa , Haifa, Israel

    Orr Dunkelman

  2. Indraprashtha Institute of Information Technology (IIIT-D), New Delhi, India

    Somitra Kumar Sanadhya

A Auxiliary Ideal Functionalities

A Auxiliary Ideal Functionalities

In this section, we list the formal ideal functionalities of random oracles and common random strings used as setup assumptions in our work.

1.1 A.1 Random Oracles

Fig. 4.
figure 4

The ideal functionality \({\mathcal F}_\mathsf{RO}\)

Full size image

The random oracle model (e.g. [7]) captures an idealization of a hash function. In particular, it allows only black-box access and cannot be “predicted” without explicitly evaluating it. The outputs are uniformly selected random strings of specified size. We present the random oracle functionality \(\mathcal F_\mathsf{RO}\) that has been defined by Hofheinz and Müller-Quade [20] in Fig. 4.

1.2 A.2 Common Reference Strings

The common reference string functionality \(\mathcal F_\mathsf{CRS}\) [15, 17] captures that a common string drawn from a pre-specified distribution D can be accessible by all parties in the system, including the adversary. Furthermore, it guarantees that no party can be aware of the information related to the process of generating this string. The functionality illustrated in Fig. 5 results from the 2005 version of [15].

Fig. 5.
figure 5

The ideal functionality \({\mathcal F}_\mathsf{CRS}\)

Full size image

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Zhang, L., Zhang, Z. (2016). UC-secure and Contributory Password-Authenticated Group Key Exchange. In: Dunkelman, O., Sanadhya, S. (eds) Progress in Cryptology – INDOCRYPT 2016. INDOCRYPT 2016. Lecture Notes in Computer Science(), vol 10095. Springer, Cham. https://doi.org/10.1007/978-3-319-49890-4_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49890-4_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49889-8

  • Online ISBN: 978-3-319-49890-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation