Vol: 59(73) No: 2 / December 2014 

Attacks against Group Key Transfer Protocols based on Secret Sharing
Ruxandra F. Olimid
Department of Computer Science, University of Bucharest, Bucharest, Romania, e-mail: ruxandra.olimid@fmi.unibuc.ro


Keywords: Group Key Transfer, Secret Sharing, Attack

Abstract
Securing group applications usually requires a pre-established private group key, which can result as the output of a Group Key Transfer protocol (GKT). Some of the recent GKT protocols lack a security analysis and hence are susceptible to simple attacks. We analyze three such protocols and remark vulnerabilities that allow an adversary to make group members accept distinct group keys or even gain no key at all. The attacks remain hidden (until the end of the protocol execution), which prevents players to immediately ask for re-execution.

References
[1] L. Harn and C. Lin, “Authenticated group key transfer protocol based on secret sharing,” IEEE Transactions on Computers, vol. 59, no. 6, pp. 842–846, 2010.
[2] C. Hsu, B. Zeng, Q. Cheng, and G. Cui, “A novel group key transfer protocol,” Cryptology ePrint Archive, Report 2012/043, 2012, http://eprint.iacr.org/.
[3] J. Nam, M. Kim, J. Paik, W. Jeon, B. Lee, and D. Won, “Cryptanalysis of a group key transfer protocol based on secret sharing,” in FGIT, 2011, pp. 309–315.
[4] R.F. Olimid, “Cryptanalysis of a password-based group key exchange protocol using secret sharing,” Appl. Math. Inf. Sci, vol. 7, no. 4, pp. 1585–1590, 2013.
[5] R. F. Olimid, “On the vulnerability of a group key transfer protocol based on secret sharing,” in 9th IEEE International Symposium on Applied Computational Intelligence and Informatics, SACI 2014, Timisoara, Romania, May 15-17, 2014, 2014, pp. 159–163.
[6] R. F. Olimid, “A chain of attacks and countermeasures applied to a group key transfer protocol,” in International Joint Conference SOCO14-CISIS14- ICEUTE14, vol. 299.
[7] A. Shamir, “How to share a secret,” Commun. ACM, vol. 22, no. 11, pp.612–613, 1979.
[8] W. Yuan, L. Hu, H. Li, and J. Chu, “An Efficient password-group key exchange protocol using secret sharing,” Appl. Math. Inf. Sci, vol. 7, no.1, pp. 145–150, 2013.
[9] W. Yuan, L. Hu, H. Li, and J. Chu, “Security and improvement of an authenticated group key transfer protocol based on secret sharing,” Appl. Math. Inf. Sci, vol. 7, no. 5, pp. 1943–1949, 2013.

  


   Designed and maintained by Dan Pescaru, "Politehnica" University of Timisoara,
©'2007 Faculty of Automation and Computers