Cryptology ePrint Archive: Report 2010/225

A Security Weakness in a Generic Construction of a Group Key Exchange Protocol

Junghyun Nam

Abstract: Protocols for group key exchange are cryptographic algorithms that allow a group of parties communicating over a public network to come up with a common secret key. One of the interesting results of research on group key exchange is the protocol compiler presented by Abdalla et al.~in TCC '07. Abdalla et al.'s compiler shows how one can transform any authenticated 2-party key exchange protocol into an authenticated group key exchange protocol with 2 more rounds of communication. This compiler certainly is elegant in its genericness, symmetricity, simplicity and efficiency. However, the situation completely changes when it comes to security. In this work, we reveal a major security weakness in Abdalla et al.'s compiler and show how to address it. The security weakness uncovered here implies that Abdalla et al.'s proof of security for their compiler is invalid.

Category / Keywords: cryptographic protocols / Cryptography, Group key exchange, Protocol compiler, Implicit key authentication, Key confirmation.

Date: received 20 Apr 2010, last revised 21 Apr 2010

Contact author: jhnam at kku ac kr

Available format(s): PDF | BibTeX Citation

Version: 20100428:134721 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]