Security

Computationally-Fair Group and Identity-Based Key-Exchange

Free registration required

Executive Summary

In this paper, the authors re-examine some fundamental group key-exchange and identity-based key-exchange protocols, specifically the Burmester-Desmedet group key-exchange protocol (referred to as the BD-protocol) and the Chen-Kudla identity-based key-exchange protocol (referred to as the CK-protocol). They identify some new attacks on these protocols, showing in particular that these protocols are not computationally fair. Specifically, with their attacks, an adversary can do the following damages: it can compute the session-key output with much lesser computational complexity than that of the victim honest player, and can maliciously nullify the contributions from the victim honest players and it can set the session-key output to be some pre-determined value, which can be efficiently and publicly computed without knowing any secrecy supposed to be held by the attacker.

  • Format: PDF
  • Size: 136.2 KB