Cryptology ePrint Archive: Report 2021/112

Full-Resilient Memory-Optimum Multi-Party Non-Interactive Key Exchange

Majid Salimi and Hamid Mala and Honorio Martin and Pedro Peris-Lopez

Abstract: Multi-Party Non-Interactive Key Exchange (MP-NIKE) is a fundamental cryptographic primitive in which users register into a key generation centre and receive a public/private key pair each. After that, any subset of these users can compute a shared key without any interaction. Nowadays, IoT devices suffer from a high number and large size of messages exchanged in the Key Management Protocol (KMP). To overcome this, an MP-NIKE scheme can eliminate the airtime and latency of messages transferred between IoT devices. MP-NIKE schemes can be realized by using multilinear maps. There are several attempts for constructing multilinear maps based on indistinguishable obfuscation, lattices and the Chinese Remainder Theorem (CRT). Nevertheless, these schemes are inefficient in terms of computation cost and memory overhead. Besides, several attacks have been recently reported against CRT-based and lattice-based multilinear maps. There is only one modular exponentiation-based MP-NIKE scheme in the literature which has been claimed to be both secure and efficient. In this article, we present an attack on this scheme based on the Euclidean algorithm, in which two colluding users can obtain the shared key of any arbitrary subgroup of users. We also propose an efficient and secure MP-NIKE scheme. We show how our proposal is secure in the random oracle model assuming the hardness of the root extraction modulo a composite number.

Category / Keywords: public-key cryptography / Multi-Party Non-Interactive Key Exchange, Broadcast Encryption, Internet of Things, Random Oracle Model.

Original Publication (in the same form): IEEE Access
DOI:
10.1109/ACCESS.2020.2964038

Date: received 30 Jan 2021, last revised 6 Feb 2021, withdrawn 6 Feb 2021

Contact author: majidsalimi3 at gmail com

Available format(s): (-- withdrawn --)

Version: 20210206:131916 (All versions of this report)

Short URL: ia.cr/2021/112


[ Cryptology ePrint archive ]