Cryptology ePrint Archive: Report 2008/295

Foundations of Group Key Management – Framework, Security Model and a Generic Construction

Naga Naresh Karuturi and Ragavendran Gopalakrishnan and Rahul Srinivasan and Pandu Rangan Chandrasekaran

Abstract: Group Key Establishment is fundamental for a variety of security mechanisms in group applications. It allows n > 1 principals to agree upon a common secret key. This can further be classified into Group Key Exchange (or Group Key Agreement), where all the principals participate in the construction of the key, and Group Key Transport (or Group Key Distribution), where the key is chosen by a singe principal and is then securely communicated to the others. Both these techniques can be analyzed in the context of either static or dynamic groups. Dynamic Group Key Establishment is better known as Group Key Management (GKM), as it involves not only the initital key establishment, but also efficient key management when group members join or leave the group. Dynamic Group Key Exchange is also known as decentralized or distributed GKM, while Dynamic Group Key Transport is known as centralized GKM. While there has been a lot of recent work in formal security models for Dynamic Group Key Exchange, little, if any, attention has been directed towards building a concrete framework and formal security model for centralized GKM. Many such schemes that have been proposed so far have been broken, as they cite ambiguous arguments and lack formal proofs. In this paper, we take a first step towards addressing this problem by providing firm foundations for centralized Group Key Management. We provide a generalized framework for centralized GKM along with a formal security model and strong definitions for the security properties that dynamic groups demand. We also show a generic construction of a centralized GKM scheme from any given multi-receiver ID-based Key Encapsulation Mechanism (mID-KEM). By doing so, we unify two concepts that are significantly different in terms of what they achieve. Our construction is simple and efficient. We prove that the resulting GKM inherits the security of the underlying mID-KEM up to CCA security. We also illustrate our general conversion using the mID-KEM proposed in 2007 by Delerablée.

Category / Keywords: Foundations / Provable Security, General Framework, Security Model, Group Communication, Multicast Security, Group Key Management, ID-based Cryptography, Generic Conversion

Date: received 3 Jul 2008, last revised 10 Nov 2008

Contact author: naganareshk at gmail com

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: Substantial changes made to the abstract and introductory sections. Also, the format of the paper has been changed.

Version: 20081110:182136 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]