http://dx.doi.org/10.3837/tiis.2022.05.015

A Certificateless-based One-Round Authenticated Group Key Agreement Protocol to Prevent Impersonation Attacks  

Ren, Huimin (Department of Software Convergence, Soonchunhyang University)
Kim, Suhyun (National IT Industry Promotion Agency)
Seo, Daehee (Department of Faculty of Artificial Intelligence and Data Engineering, Sangmyung University)
Lee, Imyeong (Department of Software Convergence, Soonchunhyang University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.16, no.5, 2022, pp. 1687-1707
Abstract
With the development of multiuser online meetings, group-oriented technologies and applications, for instance collaborative work, are becoming increasingly important. Authenticated Group Key Agreement (AGKA) schemes provide users with a shared group key after their identities are confirmed, to guarantee the confidentiality and integrity of group communications. On the basis of the Public Key Cryptography (PKC) system used, AGKA can be classified as Public Key Infrastructure-based, Identity-based, and Certificateless. Because the latter type can solve the certificate management overhead and the key escrow problems of the first two types, Certificateless-AGKA (CL-AGKA) protocols have become a popular area of research. However, most CL-AGKA protocols are vulnerable to Public Key Replacement Attacks (PKRA) due to the lack of public key authentication. In the present work, we present a CL-AGKA scheme that can resist PKRA, in order to solve the impersonation attacks caused by those attacks. Beyond security, improving scheme efficiency is another direction for AGKA research. To reduce the communication and computation cost, we present a scheme with only one round of information interaction and construct a CL-AGKA scheme that replaces bilinear pairing with elliptic curve cryptography. Therefore, our scheme has good applicability to communication environments with limited bandwidth and computing capabilities.
Keywords
Certificateless; Authenticated group key agreement; One-Round; Pairing-Free; ECC; Impersonation Attacks