Lecture Notes in Computer Science, 2007, Volume 4886/2007, 104-118, DOI: 10.1007/978-3-540-77366-5_12

Scalable Authenticated Tree Based Group Key Exchange for Ad-Hoc Groups

Yvo Desmedt, Tanja Lange and Mike Burmester

Abstract

Task-specific groups are often formed in an ad-hoc manner within large corporate structures, such as companies. Take the following typical scenario: A director decides to set up a task force group for some specific project. An order is passed down the hierarchy where it finally reaches a manager who selects some employees to form the group. The members should communicate in a secure way, and for efficiency a symmetric encryption system is chosen. To establish a joint secret key for the group, a group key exchange (GKE) protocol is used. We show how to use an existing Public Key Infrastructure (PKI) to achieve authenticated GKE by modifying the protocol and particularly by including signatures.
In this paper we recall a GKE due to Burmester and Desmedt which needs only O(log n) communication and computation complexity per user, rather than O(n) as in the more well-known Burmester-Desmedt protocol, and runs in a constant number of rounds. To achieve authenticated GKE one can apply compilers; however, the existing ones would need O(n) computation and communication, thereby mitigating the advantages of the faster protocol. Our contribution is to extend an existing compiler so that it preserves the computation and communication complexity of the non-authenticated protocol. This is particularly important for tree based protocols.

Keywords: Key Distribution - Group Key Exchange - Tree based GKE - Ad-Hoc Groups - Forward Security - Authentication - Anonymity
