Paper 2006/119

Repairing Attacks on a Password-Based Group Key Agreement

Ratna Dutta and Rana Barua

Abstract

From a design point of view, it is not a trivial task to convert a group key agreement protocol to the password-based setting, where the members of the group share only a human-memorable weak password and the system may not have any secure public key infrastructure. Security analysis against dictionary attacks is the other side of the coin: the low entropy of a human-memorable password may enable an adversary to mount off-line dictionary attacks if careful approaches are not taken in designing the protocol. Recently, Kim et al. proposed a very efficient provably secure group key agreement protocol, KLL, whose security relies on the Computational Diffie-Hellman (CDH) assumption in the random oracle model. Dutta and Barua embedded the protocol KLL into the password-based setting, yielding the protocol DB-PWD. Abdalla et al. detected certain flaws in the protocol DB-PWD. In this paper, we take suitable measures to overcome these attacks. We introduce a protocol MDB-PWD -- an improved variant of the protocol DB-PWD -- and analyze its security in the security framework formalized by Bellare et al., in both the ideal cipher model and the random oracle model, under the CDH assumption.

Metadata
Available format(s)
-- withdrawn --
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
ratna_r @ isical ac in
History
2006-03-28: withdrawn
2006-03-26: received
Short URL
https://ia.cr/2006/119
License
Creative Commons Attribution
CC BY