Asymmetric Group Key Agreement (AGKA) and Contributory Broadcast Encryption (CBE) can be applied to group applications by establishing a secure channel between entities, where CBE can be regarded as a special case of AGKA. Specifically, AGKA and CBE allow a group of entities to negotiate a public group encryption key and a decryption key for each member with one round of interaction, after which anyone can send messages to the group members without joining the group. In addition, CBE, as an extension of AGKA, enables senders to selectively choose recipients from within a group. In summary, AGKA and CBE have become popular group key management techniques owing to their round efficiency and the absence of restrictions on senders.

However, with the emergence of various dynamic group applications, e.g., Vehicular Ad Hoc Networks (VANETs), Vehicular Cloud Computing (VCC) and Mobile Ad Hoc Networks (MANETs), research on AGKA for these applications faces new challenges. Existing group applications, typically VANETs, VCC and MANETs, are usually characterized by a large number of entities, a dynamic network topology, and limited communication resources. AGKA primarily focuses on establishing a dynamically secure channel. This means that the channel maintains its security properties, including message confidentiality, authentication, and sender non-repudiation, even when entities join or leave a group. In addition to security requirements, privacy protection is increasingly emphasized; for example, the identity privacy of vehicles in VCC is prone to leakage during communication. In this regard, it is of great research significance to design a secure communication channel using AGKA that satisfies privacy-preserving demands. For applications with limited bandwidth resources, such as MANETs, achieving low communication requirements is the primary goal; hence it is important to effectively reduce the communication cost of existing AGKA, i.e., to design non-interactive AGKA so that it can be better applied to resource-constrained scenarios.

In this paper, we address the research challenges faced by AGKA in the above-mentioned dynamic group applications and obtain the following research achievements:

· Dynamic Authentication Asymmetric Group Key Agreement with Sender Non-repudiation and Privacy Protocol. In our first work, we first construct a Modified Batch Multi-signature Scheme (MBMS) and formally analyze the security property it satisfies, i.e., strong unforgeability under chosen message attack. Second, based on the MBMS scheme, we construct the first Dynamic Authentication Asymmetric Group Key Agreement with Sender Non-repudiation and Privacy (DAAGKAwSNP) protocol; we design the security model of the protocol and give a formal definition of its security, including message confidentiality, sender non-repudiation and sender privacy; we prove all the security properties satisfied by the protocol based on the k-Bilinear Diffie-Hellman Exponent (k-BDHE) assumption; and we evaluate the performance of the protocol through design goals, comparisons of computation and communication complexity, and simulation experiments. In addition, we discuss how to apply the protocol to the VCC scenario.

· Dynamic Authentication Contributory Broadcast Encryption with Recipient Privacy Scheme. In our second work, we construct, for the first time, an instantiated Dynamic Authentication Contributory Broadcast Encryption with Recipient Privacy (DACBEwRP) scheme. We design the security model and give a formal security definition of the scheme, including message confidentiality and receiver privacy; based on the security model, we give the security proof of the DACBEwRP scheme under an asymmetric variant of the decision k-BDHE assumption; and we evaluate the efficiency of the DACBEwRP scheme through a comparison of design goals, computation complexity and communication complexity, and through simulations. In addition, we apply the DACBEwRP scheme for the first time to the VCC scenario and address the security and privacy challenges faced by task delivery in VCC. Finally, we discuss the idea of constructing a contributory broadcast encryption with recipient privacy scheme that satisfies fast decryption, which effectively improves the efficiency of the decryption algorithm in the DACBEwRP scheme to constant complexity.

· Non-interactive Dynamic Contributory Broadcast Encryption Scheme. In the third work, we first analyze the security and efficiency challenges faced by existing multi-party non-interactive key exchange protocols; give the instantiated Non-interactive Dynamic Contributory Broadcast Encryption (NI-DCBE) scheme; design the security model under which the NI-DCBE scheme is defined to satisfy session key indistinguishability; based on the deterministic k-BDBE, the NI-DCBE scheme is defined to satisfy session key indistinguishability; and analyze the efficiency of the NI-DCBE scheme based on a technology comparison, computation and communication complexity analysis, and simulation experiments. In addition, we discuss an application example of the NI-DCBE scheme in the MANETs context, i.e., how to establish a secure communication channel in a non-interactive manner based on our NI-DCBE scheme.