Multi-party pairwise key agreement in linear number of Diffie–Hellman key exchanges

Springer Science and Business Media LLC - Volume 16 - Pages 275-284 - 2020
Nikolay Shenets (1)
(1) Peter the Great St. Petersburg Polytechnic University, Saint Petersburg, Russia

Abstract

We consider a classical problem of multi-party pairwise key agreement (MP-KA): n parties wish to establish secure communication channels to each other. Currently, this problem is easily solved with the involvement of a trusted Key Distribution Center (KDC) or Key Translation Center (KTC), public key encryption or key pre-distribution protocols. But these solutions are not applicable when some parties are corrupted and all of them have only a link to the Certificate Verification Center (CVC). We develop an MP-KA protocol without Trusted Setup and without the involvement of a KDC or KTC, which reduces the number $$(n(n-1))/2$$ of Diffie–Hellman key exchanges (DH-KE) required by the direct approach. Precisely, for an adversary who corrupts no more than t-out-of-n parties, $$t \le [n/2]-1$$ , we reduce this number to $$(n-t-1)\cdot (t+1)$$ , and thus to O(n) for a constant value of t. Our protocol consists of two phases: (1) $$k = (n-t-1)\cdot (t+1)$$ DH-KE runs to establish secure channels between a subset of all parties and (2) a protocol based on secret sharing, intended to agree on pairwise keys between the other parties. We prove that the second phase of the protocol is perfectly secure against a semi-honest threshold adversary. As a result, we improve the efficiency of multi-party pairwise key agreement in comparison with the direct Diffie–Hellman-based approach.
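The two-phase structure described in the abstract, as a constructed illustration that is not the paper's code: it assumes one concrete phase-1 topology (parties 0..t act as hubs and each runs DH-KE with every party t+1..n-1, which gives exactly (n-t-1)(t+1) runs) and an additive (t+1)-out-of-(t+1) secret sharing for phase 2, where a pairwise key is relayed through t+1 parties that hold phase-1 channels to both endpoints; the paper's own phase-2 construction may differ in its details.

```python
import secrets

# Constructed illustration, not code from the paper. Assumed choices: hub
# topology for phase 1, additive sharing over Z_P for phase 2.
P = 2**127 - 1  # prime modulus for the additive shares (assumed choice)


def direct_dh_count(n):
    """Direct approach: one DH-KE per pair, n(n-1)/2 runs."""
    return n * (n - 1) // 2


def phase1_dh_count(n, t):
    """Phase 1 of the abstract: (n-t-1)(t+1) DH-KE runs, valid for t <= [n/2]-1."""
    if not 0 <= t <= n // 2 - 1:
        raise ValueError("adversary bound must satisfy t <= [n/2]-1")
    return (n - t - 1) * (t + 1)


def phase1_channels(n, t):
    """Secure channels after phase 1 under the assumed hub topology."""
    phase1_dh_count(n, t)  # validates t
    return {frozenset((h, o)) for h in range(t + 1) for o in range(t + 1, n)}


def relays_for(n, t, a, b):
    """t+1 parties with a phase-1 channel to both a and b: two non-hubs relay via
    the t+1 hubs; two hubs relay via t+1 non-hubs, which exist since n-t-1 >= t+1."""
    hubs, others = list(range(t + 1)), list(range(t + 1, n))
    return hubs if (a in others and b in others) else others[: t + 1]


def split_key(key, m):
    """Additive m-out-of-m shares of key over Z_P: any m-1 shares are uniform and
    independent of key, so t semi-honest relays learn nothing about it."""
    shares = [secrets.randbelow(P) for _ in range(m - 1)]
    shares.append((key - sum(shares)) % P)
    return shares


def phase2_pairwise_key(channels, n, t, a, b, key):
    """Phase 2 (assumed instantiation): a sends relay r one share over channel
    (a, r); r forwards it over (r, b); b adds the t+1 shares to recover key."""
    if frozenset((a, b)) in channels:
        raise ValueError("direct channel exists; use the DH-KE key")
    received_by_b = []
    for r, s in zip(relays_for(n, t, a, b), split_key(key, t + 1)):
        if frozenset((a, r)) not in channels or frozenset((r, b)) not in channels:
            raise ValueError(f"relay {r} lacks a secure channel to {a} or {b}")
        received_by_b.append(s)  # relay forwards the share unchanged
    return sum(received_by_b) % P
```

For n = 7 and t = 2 the hub topology needs 12 DH-KE runs instead of 21, and every pair without a direct channel still derives a shared key through three relays.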
