Abstract
Centralized group key establishment protocols are the most commonly used type because they are efficient in both computation and communication. In this type of protocol, a key generation center (KGC) acts as a server that registers users initially. Since the KGC selects the group key for group communication, all users must trust the KGC. Needing a mutually trusted KGC can cause problems in some applications; for example, users in a social network cannot trust the network server to select a group key for a secure group communication. In this paper, we remove the need for a mutually trusted KGC by assuming that each user trusts only himself. During registration, each user acts as a KGC that registers the other users and issues sub-shares to them. By the secret sharing homomorphism, all sub-shares received by a user can be combined into a single master share. The master share enables a pairwise shared key between any pair of users. A verification of master shares lets all users verify that their master shares were generated consistently, without revealing the master shares. In a group communication, the initiator becomes the server: it selects a group key and distributes it to each other user over a pairwise shared channel. Our design is unique in that the storage of each user is minimal, the verification of master shares is efficient, and the group key distribution is centralized. Public-key based group key establishment protocols without a trusted third party exist; however, these protocols can only establish a single group key. Our protocol is a non-public-key solution that can establish multiple group keys and is computationally efficient.
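An added illustration of the registration step described above (example code written for this page, not the paper's own): every user acts as a dealer and issues sub-shares, and each receiver sums its sub-shares into a master share via the additive homomorphism of polynomial secret sharing, from which any two users derive the same pairwise key. It assumes sub-shares are derived from symmetric bivariate polynomials over a prime field (a standard construction that makes a master share yield pairwise keys); the abstract does not state the paper's exact polynomial form, so that, the modulus `P` and the threshold `T` are assumptions.

```python
import secrets

P = 2**61 - 1   # field modulus for all arithmetic (a Mersenne prime; chosen for this example)
T = 3           # threshold: degree T-1 in each variable, so up to T-1 colluders learn nothing
                # about the pairwise keys of other users (assumed parameter)

def symmetric_bivariate_poly(t, p):
    """One user's dealer secret: random coefficients c[a][b] with c[a][b] == c[b][a]."""
    c = [[0] * t for _ in range(t)]
    for a in range(t):
        for b in range(a, t):
            c[a][b] = c[b][a] = secrets.randbelow(p)
    return c

def sub_share(c, x_j, p):
    """Sub-share a dealer issues to the user with public identity x_j: the univariate
    polynomial f(x, x_j), returned as its coefficient list in x."""
    t = len(c)
    return [sum(c[a][b] * pow(x_j, b, p) for b in range(t)) % p for a in range(t)]

def master_share(sub_shares, p):
    """Secret-sharing homomorphism: summing sub-shares coefficient-wise gives a share of
    the summed polynomial F = sum of all dealers' f_i, which no single user knows."""
    return [sum(col) % p for col in zip(*sub_shares)]

def evaluate(coeffs, x, p):
    return sum(coef * pow(x, a, p) for a, coef in enumerate(coeffs)) % p

def pairwise_key(my_master, other_id, p):
    """F(other_id, my_id); because every f_i is symmetric this equals F(my_id, other_id),
    so the other user computes the same value from its own master share."""
    return evaluate(my_master, other_id, p)

def register(ids, t=T, p=P):
    """Registration: every user acts as a KGC for every user (itself included); each user
    keeps only its master share (t field elements), not the n sub-shares it received."""
    polys = {i: symmetric_bivariate_poly(t, p) for i in ids}
    return {j: master_share([sub_share(polys[i], j, p) for i in ids], p) for j in ids}

def all_pairs_agree(masters, p=P):
    """Consistency property an honest registration must satisfy: both ends of every pair
    derive the same key. A mismatch points at a dealer that issued inconsistent sub-shares."""
    ids = list(masters)
    return all(pairwise_key(masters[a], b, p) == pairwise_key(masters[b], a, p)
               for a in ids for b in ids if a != b)
```

The initiator of a group session would then pick a group key and send it to each member encrypted under the corresponding pairwise key, which is the centralized distribution step the abstract describes.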
Lein Harn and ChingFang Hsu contributed equally to this work.
Harn, L., Hsu, CF. & Li, B. Centralized Group Key Establishment Protocol without a Mutually Trusted Third Party. Mobile Netw Appl 23, 1132–1140 (2018). https://doi.org/10.1007/s11036-016-0776-7