Issue No. 05 - May (2011 vol. 22)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TPDS.2010.128
Stanisław Jarecki , University of California, Irvine, Irvine
Jihye Kim , Seoul National University, Seoul
Gene Tsudik , University of California, Irvine, Irvine
A robust group key agreement protocol (GKA) allows a set of players to establish a shared secret key, regardless of network/node failures. Current constant-round GKA protocols are either efficient and nonrobust or robust but not efficient; assuming a reliable broadcast communication medium, the standard encryption-based group key agreement protocol can be robust against arbitrary number of node faults, but the size of the messages broadcast by every player is proportional to the number of players. In contrast, nonrobust group key agreement can be achieved with each player broadcasting just constant-sized messages. We propose a novel 2-round group key agreement protocol, which tolerates up to T node failures, using O(T)-sized messages for any T. We show that the new protocol implies a fully-robust group key agreement with logarithmic-sized messages and expected round complexity close to 2, assuming random node faults. The protocol can be extended to withstand malicious insiders at small constant factor increases in bandwidth and computation. The proposed protocol is secure under the (standard) Decisional Square Diffie-Hellman assumption.
Group key agreement, fault-tolerance, algorithms, security.
J. Kim, S. Jarecki and G. Tsudik, "Flexible Robust Group Key Agreement," in IEEE Transactions on Parallel & Distributed Systems, vol. 22, no. , pp. 879-886, 2010.