Ratna Dutta

Provably Secure Constant Round Contributory Group Key Agreement in Dynamic Setting

In this paper, we present and analyze a variant of Burmester-Desmedt group key agreement protocol (BD) and enhance it to dynamic setting where a set of users can leave or join the group at any time during protocol execution with updated keys. In contrast to BD protocol, let us refer to our protocol as DB protocol. Although the DB protocol is similar to BD protocol, there are subtle differences between them: 1) Key computation in DB protocol is different and simpler than in BD protocol with same complexity of BD protocol; 2) Number of rounds required in our authenticated DB protocol is one less than that in authenticated BD protocol introduced by Katz-Yung; 3) DB protocol is more flexible than BD protocol in the sense that DB protocol is dynamic. The reusability of users precomputed data in previous session enables the join and leave algorithms of our DB protocol to reduce most users computation complexities which can be useful in real life applications; and 4) DB protocol has the ability to detect the presence of corrupted group members, although one can not detect who among the group members are behaving improperly.

Extending Joux’s Protocol to Multi Party Key Agreement

We present a secure unauthenticated as well as an authenticated multi party key agreement protocol. The unauthenticated version of our protocol uses ternary trees and is based on bilinear maps and Joux’s three party protocol. The number of rounds, computation/ communication complexity of our protocol compares favourably with previously known protocols. The authenticated version of our protocol also uses ternary trees and is based on public IDs and Key Generation Centres. The authenticated version of our protocol is more efficient than all previously known authenticated key agreement protocols.

Password-Based Encrypted Group Key Agreement

This paper presents an efficient password-based authenticated encrypted group key agreement protocol immune to dictionary attack under the computation Diffie-Hellman (CDH) assumption. In a password-based key agreement protocol, the users only share a human-memorable low entropy password; and using this low-entropy password, the users can agree upon a high-entropy session key which they may use to build a secure communication channel among themselves. While designing such protocols, one should limit the number of on-line password guessing and achieve the security against dictionary attack. Our protocol is obtained from the multi-party key agreement protocol of Kim et al. We analyze the security in the security model formalized by Bellare et al. following their proof techniques. Our proposed scheme achieves efficiency in both communication and computation aspects and is proven to be secure in both the ideal cipher model and the random oracle model.

Efficient Self-healing Key Distribution with Revocation for Wireless Sensor Networks Using One Way Key Chains

Security of group communication for large mobile wireless sensor network hinges on efficient key distribution and key management mechanism. As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key distribution schemes. Therefore, self-healing is a good property for key distribution in wireless applications. The main idea of self-healing key distribution scheme is that even if during a certain session some broadcast messages are lost due to network faults, the users are capable of recovering lost session keys on their own, without requesting additional transmission from the group manager. The only requirement for a user to recover the lost session keys, is its membership in the group both before and after the sessions in which the broadcast packets containing the keys are sent. Self-healing approach of key distribution is stateless in the sense that a user who has been off-line for some period is able to recover the lost session keys immediately after coming back on-line. In this paper, we propose two constructions for scalable self-healing key distribution with trevocation capability. The novelty of our constructions are that we apply a different and more efficient self-healing mechanism compared to the ones in the literature using one-way key chain. The main improvements that our proposed schemes achieve over previous approaches are (a) communication bandwidth reduces from O((tj+ ji¾? ti¾? 1)logq) to O((t+ 1)logq), and (b) computation costs for our first and second constructions reduce from O(2tj+ j) to O(2t+ 1) and O(2(t2+ t)) respectively, where mis the maximum number of sessions, jis the current session number, tis the maximum number of compromised group members that may collude and qis a large prime number. We achieve this result without any increase in the storage complexity. The schemes are scalable to very large groups in highly mobile, volatile and hostile network. We prove in an appropriate security framework that our constructions are computationally secure and achieve both forward secrecy and backward secrecy.

Constant round dynamic group key agreement

We present a fully symmetric constant round authenticated group key agreement protocol in dynamic scenario. Our proposed scheme achieves forward secrecy and is provably secure under DDH assumption in the security model of Bresson et al. providing, we feel, better security guarantee than previously published results. The protocol is efficient in terms of both communication and computation power.

Dynamic group key agreement in tree-based setting

We present a provably secure tree based authenticated group key agreement protocol in dynamic scenario. Bilinear pairing and multi-signature are at the heart of our protocol. We prove that our protocol is provably secure in the standard security model of Bresson et al. An appropriate modification of Katz-Yung approach to tree based setting is adopted while proving its security against active adversaries. The protocol has an in-built hierarchical structure that makes it desirable for certain applications.

Constant Storage Self-Healing Key Distribution with Revocation in Wireless Sensor Network

A self-healing key distribution scheme enables a large group of users (sensor nodes) to establish a session key dynamically over an unreliable, or lossy wireless network. The main property of self-healing ensures that the qualified users can recover the lost session keys on their own from the broadcast packets and some private information, without any additional communication with the group manager, thus decreasing the load on the group manager. The only requirement for a user to recover the lost session keys, is its membership in the group both before and after the sessions in which the broadcast packets containing the keys are sent. Self-healing approach of key distribution is stateless in the sense that a user who has been off-line for some period is able to recover the lost session keys immediately after coming back on-line. This paper presents a new self-healing key distribution scheme with revocation capability that requires constant storage of personal keys for each user and we feel, it is more efficient than the previous schemes in terms of communication complexity. The novelty of this scheme is to use a different and more efficient self-healing mechanism compared to the ones in the literature. The scheme is supported by a proper security analysis in an appropriate security model. It is unconditionally secure and achieves both forward and backward secrecy. Moreover, unlike previous works, proposed self-healing key distribution is not restricted to m sessions in Setup phase.

Provably Secure Authenticated Tree Based Group Key Agreement

We present a provably secure authenticated tree based key agreement protocol. The protocol is obtained by combining Boldyreva’s multi-signature with Barua et al.’s unauthenticated ternary tree based multi-party extension of Joux’s key agreement protocol. The security is in the standard model as formalized by Bresson et al.. The proof is based on the techniques used by Katz and Yung in proving the security of their key agreement protocol.

Improved Self-Healing Key Distribution with Revocation in Wireless Sensor Network

In this paper, we develop and analyze a new self-healing key distribution scheme with revocation capability, scalable to very large groups in unreliable ad hoc wireless environment. The main emphasis of our proposed scheme is that it has significant improvement in terms of both storage and communication overhead compared to the previous works. The storage overhead of our self-healing key distribution with t revocation capability is O((t + 1) log q), and the communication complexity is O((t+1+j) log q), where q is a large prime and j is the current session number. In contrast to the previous schemes, we use a different and more efficient self-healing technique. On a more positive note, our scheme enables reuse of personal key of a user to next m sessions and consequently, overcomes the restriction of m sessions in setup phase, unlike previous works. Moreover, we analyze our scheme in an appropriate security framework and proved that it is unconditionally secure and achieves both forward secrecy and backward secrecy.

Original Research Paper: Computationally secure self-healing key distribution with revocation in wireless ad hoc networks

This paper introduces a novel self-healing technique for key distribution with revocation and demonstrates how it improves the efficiency over the previous approaches while using the existing idea of secret sharing or revocation polynomial in designing self-healing key distribution schemes with revocation. Unlike the existing approaches, our self-healing mechanism does not need to send the history of revoked users and consequently enables better performance gain over the previous approaches in terms of storage, communication and computation complexity. We propose and analyze a generalized self-healing key distribution using a vector space access structure in order to reach more flexible performance of the scheme. We describe three efficient constructions for scalable self-healing key distribution with t-revocation capability. We provide a rigorous treatment of the security of our constructions in an appropriate security framework and show that they are computationally secure and achieve both forward and backward secrecy.