An Improved Group Key Agreement Scheme with Privacy Preserving Based on Chaotic Maps
Authors: Chun-Ta Li, C. Weng
Journal of Advances in Computer Networks, 2018-01-01 (Journal Article)
DOI: 10.18178/jacn.2018.6.1.245 (https://doi.org/10.18178/jacn.2018.6.1.245)
The decentralized group key agreement scheme allows a group of participants to exchange private multicast messages under the protection of a group session key. Recently, Zhu proposed the first group authentication key agreement scheme based on chaotic maps, in which the group is organized as an ordered chain. Each participant therefore needs to establish two temporary two-party session keys, one with its predecessor and one with its successor, in a parallel algorithm. To cope with dynamic groups, the group session keys are updated frequently, whenever a new member joins or a member leaves the group. Zhu claimed that the proposed scheme is secure against various attacks such as replay, man-in-the-middle, impersonation and key compromise attacks. Furthermore, Zhu extended the proposed scheme to high-level security attributes such as privacy preservation, freedom from clock synchronization problems, mutual and group authentication, and perfect forward secrecy. However, in this paper, we found that Zhu’s scheme is vulnerable to a successor impersonation problem, and that this weakness allows a malicious adversary to derive group session keys after an impersonation attack. Moreover, the scheme is vulnerable to a known key attack, which may allow an adversary to compromise previous and future group session keys. To overcome these security flaws, in this paper we significantly improve the security of Zhu’s group key agreement scheme without increasing the communication overhead or computation complexity.