New construction of affiliation-hiding authenticated group key agreement

Authors

  • Chang Xu,

    1. State Key Laboratory of Software Development Environment, Beihang University, Beijing, China
    2. Beijing Key Laboratory of Network Technology, Beihang University, Beijing, China
  • Hua Guo,

    1. State Key Laboratory of Software Development Environment, Beihang University, Beijing, China
  • Zhoujun Li,

    Corresponding author
    1. Beijing Key Laboratory of Network Technology, Beihang University, Beijing, China
    2. State Key Laboratory of Software Development Environment, Beihang University, Beijing, China
  • Yi Mu

    1. College of Mathematics and Computer Science, Fujian Normal University, Fuzhou, China
    2. Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Wollongong, NSW, Australia

Correspondence: Zhoujun Li, State Key Laboratory of Software Development Environment, Beihang University, Beijing.

E-mail: lizj@buaa.edu.cn

ABSTRACT

In CT-RSA 2007, Jarecki, Kim, and Tsudik introduced the notion of affiliation-hiding authenticated group key agreement (AH-AGKA) protocols and presented two concrete AH-AGKA protocols. In this paper, we show that these protocols have some drawbacks. We also introduce the notion of affiliation-hiding authenticated asymmetric group key agreement (AH-AAGKA) and present an AH-AAGKA protocol. AH-AAGKA protocols allow the participants of a group to establish a common encryption key associated with several decryption keys, each of which can only be computed by the corresponding legitimate participant. Meanwhile, any party is assured that its affiliation is revealed only to participants that belong to the same group. Compared with previous AH-AGKA protocols, if invalid players participate in our protocol, legitimate participants can identify these invalid players. In contrast to existing AH-AGKA protocols, our protocol achieves perfect forward secrecy, which is proven in a novel security model that we propose. Additionally, we present a new privacy model to prove that our protocol achieves the linkable affiliation-hiding property. Copyright © 2012 John Wiley & Sons, Ltd.