A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy

Research output: Contribution to journalArticle

31 Citations (Scopus)

Abstract

A conference-key establishment protocol allows participants to construct a common session key that is used to encrypt/decrypt transmitted messages among the participants over an open channel. There are two kinds of conference-key establishment protocols: conference-key distribution and conference-key agreement. In a conference-key distribution protocol, a trusted or elected entity is responsible for generating and distributing the conference key. A conference-key agreement protocol involves all participants cooperatively establishing a conference key. This article designs a secure conference-key agreement protocol with constant round number and message size. Under the decision Diffie-Hellman problem assumption, the resulting protocol is demonstrated to be secure against passive adversaries. Under the random oracle model, the proposed protocol is demonstrated to be provable secure against impersonator attacks and withstand known-key attacks. Compared to previously proposed protocols with round-efficiency, the proposed protocol requires a constant message size for each participant. Furthermore, the proposed protocol possesses both fault tolerance and forward secrecy, while previously proposed protocols with round-efficiency lack one or both properties.

Original languageEnglish
Pages (from-to)1091-1101
Number of pages11
JournalJournal of Systems and Software
Volume80
Issue number7
DOIs
Publication statusPublished - 2007 Jul 1

Fingerprint

Communication
Fault tolerance

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Information Systems
  • Software

Cite this

@article{005d0efc2b11497d84f2d1fcc560317d,
title = "A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy",
abstract = "A conference-key establishment protocol allows participants to construct a common session key that is used to encrypt/decrypt transmitted messages among the participants over an open channel. There are two kinds of conference-key establishment protocols: conference-key distribution and conference-key agreement. In a conference-key distribution protocol, a trusted or elected entity is responsible for generating and distributing the conference key. A conference-key agreement protocol involves all participants cooperatively establishing a conference key. This article designs a secure conference-key agreement protocol with constant round number and message size. Under the decision Diffie-Hellman problem assumption, the resulting protocol is demonstrated to be secure against passive adversaries. Under the random oracle model, the proposed protocol is demonstrated to be provable secure against impersonator attacks and withstand known-key attacks. Compared to previously proposed protocols with round-efficiency, the proposed protocol requires a constant message size for each participant. Furthermore, the proposed protocol possesses both fault tolerance and forward secrecy, while previously proposed protocols with round-efficiency lack one or both properties.",
author = "Yuh-Min Tseng",
year = "2007",
month = "7",
day = "1",
doi = "10.1016/j.jss.2006.10.053",
language = "English",
volume = "80",
pages = "1091--1101",
journal = "Journal of Systems and Software",
issn = "0164-1212",
publisher = "Elsevier Inc.",
number = "7",

}

A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy. / Tseng, Yuh-Min.

In: Journal of Systems and Software, Vol. 80, No. 7, 01.07.2007, p. 1091-1101.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy

AU - Tseng, Yuh-Min

PY - 2007/7/1

Y1 - 2007/7/1

N2 - A conference-key establishment protocol allows participants to construct a common session key that is used to encrypt/decrypt transmitted messages among the participants over an open channel. There are two kinds of conference-key establishment protocols: conference-key distribution and conference-key agreement. In a conference-key distribution protocol, a trusted or elected entity is responsible for generating and distributing the conference key. A conference-key agreement protocol involves all participants cooperatively establishing a conference key. This article designs a secure conference-key agreement protocol with constant round number and message size. Under the decision Diffie-Hellman problem assumption, the resulting protocol is demonstrated to be secure against passive adversaries. Under the random oracle model, the proposed protocol is demonstrated to be provable secure against impersonator attacks and withstand known-key attacks. Compared to previously proposed protocols with round-efficiency, the proposed protocol requires a constant message size for each participant. Furthermore, the proposed protocol possesses both fault tolerance and forward secrecy, while previously proposed protocols with round-efficiency lack one or both properties.

AB - A conference-key establishment protocol allows participants to construct a common session key that is used to encrypt/decrypt transmitted messages among the participants over an open channel. There are two kinds of conference-key establishment protocols: conference-key distribution and conference-key agreement. In a conference-key distribution protocol, a trusted or elected entity is responsible for generating and distributing the conference key. A conference-key agreement protocol involves all participants cooperatively establishing a conference key. This article designs a secure conference-key agreement protocol with constant round number and message size. Under the decision Diffie-Hellman problem assumption, the resulting protocol is demonstrated to be secure against passive adversaries. Under the random oracle model, the proposed protocol is demonstrated to be provable secure against impersonator attacks and withstand known-key attacks. Compared to previously proposed protocols with round-efficiency, the proposed protocol requires a constant message size for each participant. Furthermore, the proposed protocol possesses both fault tolerance and forward secrecy, while previously proposed protocols with round-efficiency lack one or both properties.

UR - http://www.scopus.com/inward/record.url?scp=34248526025&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34248526025&partnerID=8YFLogxK

U2 - 10.1016/j.jss.2006.10.053

DO - 10.1016/j.jss.2006.10.053

M3 - Article

AN - SCOPUS:34248526025

VL - 80

SP - 1091

EP - 1101

JO - Journal of Systems and Software

JF - Journal of Systems and Software

SN - 0164-1212

IS - 7

ER -