Paper 2010/494

Stronger Security Model of Group Key Agreement

Jianjie Zhao, Dawu Gu, and M. Choudary Gorantla


In PKC 2009, Gorantla, Boyd and González Nieto presented a nice result on modelling security for group key agreement (GKA) protocols. They proposed a novel security model (GBG model) that better supports the adversaries' queries than previous models for GKA protocols by considering KCI resilience. However, ephemeral key leakage attack resistance has been left outside the scope of the GBG model. In this paper, we demonstrate an ephemeral key leakage on an existing GKA protocol which has been shown secure in the GBG model. We then extend the GBG model by allowing the adversary greater attack powers of leaking ephemeral keys in GKA protocol session. We also apply the well known NAXOS trick to propose an improvement to an existing GKA protocol, which can resist the ephemeral key leakage attack. The security of the improved protocol has been argued under the our new model.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Group key agreementEphemeral key leakage attackSecurity modelProvable security
Contact author(s)
jjzhao81 @ gmail com
2010-09-23: revised
2010-09-22: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jianjie Zhao and Dawu Gu and M.  Choudary Gorantla},
      title = {Stronger Security Model of Group Key Agreement},
      howpublished = {Cryptology ePrint Archive, Paper 2010/494},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.