# Flexible Group Key Exchange with On-demand Computation of Subgroup Keys Supporting Subgroup Key Randomization

### Keita Emura, Takashi Sato

#### Abstract

In AFRICACRYPT 2010, Abdalla, Chevalier, Manulis, and Pointcheval proposed an improvement of group key exchange (GKE), denoted by GKE+S, which enables on-demand derivation of independent secret subgroup keys for all potential subsets. On-demand derivation is efficient (it requires only one round) compared with running GKE for the subgroup (which usually requires two or more rounds), because it re-uses values that were used in the initial GKE session for the superior group. In this paper, we improve the Abdalla et al. GKE+S protocol to support key randomization. In our GKE+S protocol, the subgroup key derivation algorithm is probabilistic, whereas it is deterministic in the original Abdalla et al. GKE+S protocol. All subgroup members can compute a new subgroup key (e.g., as a countermeasure against subgroup key leakage) with just one round of additional complexity. Our subgroup key establishment methodology is inspired by the “essential idea” of the NAXOS technique. Our GKE+S protocol is authenticated key exchange (AKE) secure under the Gap Diffie-Hellman assumption in the random oracle model.

#### References

- Abdalla, M., Chevalier, C., Manulis, M., and Pointcheval, D. (2010). Flexible group key exchange with on-demand computation of subgroup keys. In AFRICACRYPT, pages 351-368.
- Boyd, C. and Nieto, J. M. G. (2003). Round-optimal contributory conference key agreement. In Public Key Cryptography, pages 161-174.
- Burmester, M. and Desmedt, Y. (1994). A secure and efficient conference key distribution system (extended abstract). In EUROCRYPT, pages 275-286.
- Cheng, Q. and Ma, C. (2010). Security weakness of flexible group key exchange with on-demand computation of subgroup keys. CoRR, abs/1008.1221.
- Gorantla, M. C., Boyd, C., Nieto, J. M. G., and Manulis, M. (2009). Generic one round group key exchange in the standard model. In ICISC, pages 1-15.
- Hatano, T., Miyaji, A., and Sato, T. (2011). T-robust scalable group key exchange protocol with O(log n) complexity. In ACISP, pages 189-207.
- Jarecki, S., Kim, J., and Tsudik, G. (2007). Robust group key agreement using short broadcasts. In ACM Conference on Computer and Communications Security, pages 411-420.
- Katz, J. and Shin, J. S. (2005). Modeling insider attacks on group key-exchange protocols. In ACM Conference on Computer and Communications Security, pages 180-189. ACM.
- LaMacchia, B. A., Lauter, K., and Mityagin, A. (2007). Stronger security of authenticated key exchange. In ProvSec, pages 1-16.
- Wu, Q., Qin, B., Zhang, L., Domingo-Ferrer, J., and Farràs, O. (2011). Bridging broadcast encryption and group key agreement. In ASIACRYPT, pages 143-160.

#### Paper Citation

#### in Harvard Style

Emura K. and Sato T. (2012). **Flexible Group Key Exchange with On-demand Computation of Subgroup Keys Supporting Subgroup Key Randomization**. In *Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)*, ISBN 978-989-8565-24-2, pages 353-357. DOI: 10.5220/0003986003530357

#### in Bibtex Style

```
@conference{secrypt12,
  author={Keita Emura and Takashi Sato},
  title={Flexible Group Key Exchange with On-demand Computation of Subgroup Keys Supporting Subgroup Key Randomization},
  booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
  year={2012},
  pages={353-357},
  publisher={SciTePress},
  organization={INSTICC},
  doi={10.5220/0003986003530357},
  isbn={978-989-8565-24-2},
}
```

#### in EndNote Style

```
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Flexible Group Key Exchange with On-demand Computation of Subgroup Keys Supporting Subgroup Key Randomization
SN - 978-989-8565-24-2
AU - Emura K.
AU - Sato T.
PY - 2012
SP - 353
EP - 357
DO - 10.5220/0003986003530357
```