Modeling key compromise impersonation attacks on group key exchange protocols

Author(s): Gorantla, Choudary; Boyd, Colin; Gonzalez Nieto, Juan M.; Manulis, Mark
Date(s)

01/12/2011

Abstract

Two-party key exchange (2PKE) protocols have been rigorously analyzed under various models considering different adversarial actions. However, the analysis of group key exchange (GKE) protocols has not been as extensive as that of 2PKE protocols. In particular, an important security attribute called key compromise impersonation (KCI) resilience has been completely ignored for the case of GKE protocols. Informally, a protocol is said to provide KCI resilience if the compromise of the long-term secret key of a protocol participant A does not allow the adversary to impersonate an honest participant B to A. In this paper, we argue that KCI resilience for GKE protocols is at least as important as it is for 2PKE protocols. Our first contribution is revised definitions of security for GKE protocols considering KCI attacks by both outsider and insider adversaries. We also give a new proof of security for an existing two-round GKE protocol under the revised security definitions assuming random oracles. We then show how to achieve insider KCI resilience (KCIR) in a generic way using a known compiler in the literature. As one may expect, this additional security assurance comes at the cost of an extra round of communication. Finally, we show that a few existing protocols are not secure against outsider KCI attacks. The attacks on these protocols illustrate the necessity of considering KCI resilience for GKE protocols.

Format

application/pdf

Identifier

http://eprints.qut.edu.au/48117/

Publisher

Association for Computing Machinery Inc

Relation

http://eprints.qut.edu.au/48117/1/PKC_ICISC_Full_version.pdf

DOI: 10.1145/2043628.2043629

Gorantla, Choudary, Boyd, Colin, Gonzalez Nieto, Juan M., & Manulis, Mark (2011) Modeling key compromise impersonation attacks on group key exchange protocols. ACM Transactions on Information and System Security, 14(4), 28:1-28:24.

Rights

ACM COPYRIGHT NOTICE. Copyright © 2011 by the Association for Computing Machinery, Inc.

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org.

Source

Computer Science; Faculty of Science and Technology; Information Security Institute

Keywords

#080303 Computer System Security #080400 DATA FORMAT #group key exchange #key compromise impersonation

Type

Journal Article