
Password-Authenticated Group Key Exchange: A Cross-Layer Design

Published: 09 December 2016

Abstract

Two-party password-authenticated key exchange (2PAKE) protocols provide a natural mechanism for secret key establishment in distributed applications, and they have been extensively studied in past decades. However, only a few efforts have been made so far to design password-authenticated group key exchange (GPAKE) protocols. In a 2PAKE or GPAKE protocol, it is assumed that short passwords are preshared among users. This assumption, however, would be impractical in certain applications. Motivated by this observation, this article presents a GPAKE protocol without the password sharing assumption. To obtain the passwords, wireless devices, such as smart phones, tablets, and laptops, are used to extract short secrets at the physical layer. Using the extracted secrets, users in our protocol can establish a group key at higher layers with light computational cost. Thus, our GPAKE protocol is a cross-layer design. Additionally, our protocol is a compiler; that is, it can transform any provably secure 2PAKE protocol into a GPAKE protocol with only one more round of communication. The proposed protocol is also proved secure in the standard model.




Published In

ACM Transactions on Internet Technology, Volume 16, Issue 4
Special Issue on Internet of Things (IoT): Smart and Secure Service Delivery
December 2016
168 pages
ISSN: 1533-5399
EISSN: 1557-6051
DOI: 10.1145/3023158
Editor: Munindar P. Singh

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 December 2016
Accepted: 01 June 2016
Revised: 01 April 2016
Received: 01 November 2015
Published in TOIT Volume 16, Issue 4


Author Tags

  1. Group key exchange
  2. higher layers
  3. password
  4. security
  5. the physical layer

Qualifiers

  • Research-article
  • Research
  • Refereed

Funding Sources

  • Program for New Century Excellent Talents in Fujian University
  • National Natural Science Foundation of China
  • Fujian Normal University Innovative Research Team
  • Distinguished Young Scholars Fund of Fujian


Article Metrics

  • Downloads (Last 12 months): 17
  • Downloads (Last 6 weeks): 1

Reflects downloads up to 02 Oct 2024


Cited By

  • (2024) A dynamic symmetric key generation at wireless link layer: information-theoretic perspectives. EURASIP Journal on Wireless Communications and Networking 2024:1. DOI: 10.1186/s13638-024-02396-y. Online publication date: 27-Aug-2024
  • (2024) PATS. IET Information Security 2024. DOI: 10.1049/2024/7557514. Online publication date: 1-Jan-2024
  • (2021) Data Security and Privacy in Industrial IoT. AI-Enabled Threat Detection and Security Analysis for Industrial IoT (21-39). DOI: 10.1007/978-3-030-76613-9_3. Online publication date: 4-Aug-2021
  • (2020) Understanding Node Capture Attacks in User Authentication Schemes for Wireless Sensor Networks. IEEE Transactions on Dependable and Secure Computing (1-1). DOI: 10.1109/TDSC.2020.2974220. Online publication date: 2020
  • (2020) A Hybrid Key Agreement Scheme for Smart Homes Using the Merkle Puzzle. IEEE Internet of Things Journal 7:2 (1061-1071). DOI: 10.1109/JIOT.2019.2949407. Online publication date: Feb-2020
  • (2020) A New Frontier for IoT Security Emerging From Three Decades of Key Generation Relying on Wireless Channels. IEEE Access 8 (138406-138446). DOI: 10.1109/ACCESS.2020.3012006. Online publication date: 2020
  • (2020) Ephemeral Secrets: Multi-Party Secret Key Acquisition for Secure IEEE 802.11 Mobile Ad Hoc Communication. IEEE Access 8 (24242-24257). DOI: 10.1109/ACCESS.2020.2970147. Online publication date: 2020
  • (2019) Practical Privacy-preserving High-order Bi-Lanczos in Integrated Edge-Fog-Cloud Architecture for Cyber-Physical-Social Systems. ACM Transactions on Internet Technology 19:2 (1-18). DOI: 10.1145/3230641. Online publication date: 28-Mar-2019
  • (2019) A Key Agreement Scheme for Smart Homes Using the Secret Mismatch Problem. IEEE Internet of Things Journal 6:6 (10251-10260). DOI: 10.1109/JIOT.2019.2936884. Online publication date: Dec-2019
  • (2019) The internet of things for smart manufacturing: A review. IISE Transactions (1-27). DOI: 10.1080/24725854.2018.1555383. Online publication date: 15-Jan-2019
