A Dynamic ID-based Authenticated Group Key Agreement Protocol

Through the group key agreement, all group members could negotiate a common session key which is used in later secure communication. While simple GKA cannot provide enough security to resist the adversary’s attack, and the malicious damage during the agreement makes the authenticated key agreement particularly important. In identity-based authentication, user’s unique identity information is used as the public key,which makes it exempt from a series of management of the certification in public-key infrastructure(PKI). Thereby, the identity-based key agreement can simplify the key management procedures and reduce the risk of failure at the certification authority(CA). In addition, most of the group environment are required to support the dynamic member events, such as members’ joining and leaving, and an efficient and secure group key agreement protocol also needs to make sure the forward secrecy and backward secrecy.At the same time, in order to solve the problem of the large amount of calculation of public-key encryption, people usually use hybird cryptosystem in the process of communication. The symmetric encryption key is the public key, and it can also be used for authentication. Thus, it have not only solved the key distribution problem, but also improved the efficiency of communication.Recently, several identity-based group key agreement protocols have been proposed,however most of the agreement protocols need more rounds and message transmission quantity, it is difficult to keep the extensibility. And some of them are either vulnerable to impersonation and replay attack or inefficient and unscalable.After discussing some other ID-based key agreement schemes, this paper puts forward an improved hybrid encryption scheme based on identity, it has the simple implementation,high efficiency of encryption and lower communication cost. Then we apply this scheme to group key agreement protocol which is authenticated. It needs two rounds to negotiate the session key.Our protocol can ensure the forward and backward secrecy and the key independence.Besides, we can add a trusted arbiter to find out the existence of inside attacker, and expel it.Under the elliptic curve discrete logarithm problem, our protocol is proved to be secure against the adversary. Our scheme only needs a small amount of calculation and network communication to initialize and update the network on the premise of ensuring a safe andreliable group network, which makes the group key agreement scheme has good dynamic and extensibility.