Group Key Agreement with Local Connectivity

Abstract

Introduction

KEY agreement is a mechanism that allows two or more parties to securely share a secret key (called a session key). Starting from Diffie-Hellman for the two-party case, this topic has been extensively studied in the literature. However, almost all the protocols assume a complete connectivity graph: any two users can communicate directly. In the real world, this is not always true. For instance, in social networkssuchasFacebook,Skype,WechatandGoogle+, a user is only connected with his friends. For a group of users (e.g., the faculty union in a university) who wish to establish a session key, it is not necessary that any two of them are friends. But they might still be connected indirectly through the friend network. Of course, we can still regard them as directly connected by regarding the intermediate users as routers. However, this is quite different from a direct connection. First, indirectly connected users may not have the public information of each other (e.g., public-key certificate). Second, indirectly connected users may not know the existence of each other (e.g., in our faculty union example, one professor in one department may not know another professor in a different department). Third, a message between two indirectly connected users travels a longer time than that between directly connected users. We study the group key agreement with an arbitrary connectivity graph, where each user is only aware of his neighbors and has no information about the existence of other users. Further, he has no information about the network topology. Under this setting, a user does not need to trust a user who is not his neighbor. Thus, if one is initialized using PKI, then he need not trust or remember public-keys of users beyond his neighbors.

Group Key agreement is a process of assigning a unique key for communication. In this paper, we studied that on social networks mostly it is not possible to communicate with unknown person directly. Group key agreement provides the mechanism where any two unknown person can communicate directly. For example on social sites their are groups of people communicate together. But it is not necessary that each and every person in a group well knows each other. Assume their are persons A, B and C. Person A and B are good friends. Person C is a friend of A but B wants to communicate C. So to get the authority to communicate with C , B must have to go through A. Then the communication between them can possible. But in Group Key Agreement mechanism the directly communication between B and C can possible. To make this possible we are using the theory of diffie hellman algorithm. Diffie Hellman algorithm provides the key exchange mechanism for communication. Group key agreement is surly more effective for the social networks. We are using passively secure protocol to construct an actively secure protocol. Which is round efficient.
1

In social networking there are many applications which provide the data connectivity, communication, file transfer, sharing, uploading and many other operations. But sometimes there are problems in communication between two unknown authorities. Most of the systems does not support to the direct connectivity of unknown authorities’ for communication or data transfer. However the one person is neighbor of another person who cannot get access with their neighbors directly. So sometimes it makes problem connectivity. So this can be helped with the group key agreement to make it possible.

A key-agreement protocol is a protocol where one user is only aware of his neighbors. Two or more parties can agree on a key in such a way that both influence the outcome. If properly done, this precludes undesired third parties from forcing a key choice on the agreeing parties. Sender generates key and sends it to receiver. The connection made between is actively secure protocol using passively secure protocol. Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon. public-key agreement protocol that meets the above criteria was the Diffie–Hellman key exchange, in which two parties jointly exponentiation a generator with random numbers, in such a way that an eavesdropper cannot feasibly determine what the resultant value used to produce a shared key is. Exponential key exchange in and of itself does not specify any prior agreement or subsequent authentication between the participants. It has thus been described as an anonymous key agreement protocol.

Related Work

In this paper, a gathering key understanding issue where a client is just mindful of his neighbors while the network diagram is discretionary. In our issue, there is no unified instatement for clients. A gathering key concurrence with these elements is extremely suitable for informal communities. Under our setting, we develop two proficient conventions with detached security [1]. In dispersed system, gathering key assention convention assumes a vital part. They are intended to give a gathering of clients with a common mystery key such that the clients can safely speak with one another over an open system. Gathering key understanding means numerous gatherings need to make a typical mystery key to be utilized to trade data safely. We think about the gathering key concurrence with a self-assertive network diagram, where every client is just mindful of his neighbors and has no data about the presence of different clients. Further, he has no data about the system topology. In our issue, there is no focal power to instate clients. Each of them can be instated autonomously utilizing PKI. [2] In this paper, an element validated gathering key assertion convention is exhibited utilizing blending for impromptu systems. In Join calculation, the quantity of transmitted messages does not increment with the quantity of all gathering individuals, which makes the convention more functional. The convention is provably secure. Its security is demonstrated under Decisional Bilinear Diffie-Hellman supposition. The convention likewise gives numerous different securities property [3] In this paper, gathering key concurrence with hub confirmation plan has been proposed. It’s a changed form which consolidates the components and benefits of both Flexible Robust Group Key Agreement and additionally Efficient Authentication Protocol for Virtual Subnet convention. The fundamental point of preference of proposed plan is that it dispenses with the need to send the different parameters for verification and additionally gathering key commitment [3]. This paper addresses a fascinating security issue in remote specially appointed system: the dynamic Group key Agreement key foundation. For secure gathering correspondence in Ad hoc system, a  gathering key shared by all part. In this paper creator proposed a novel secure versatile and powerful Regionbased gathering key understanding convention for Ad hoc system [6]. A Group Key Agreement (GKA) convention is an instrument to set up a cryptographic key for a gathering of members in light of every one’s commitment, over an open system. The key, along these lines inferred, can be utilized to set up a protected channel between the members. In this paper, Author display a straightforward, secure and productive GKA convention appropriate to element impromptu systems. We additionally present consequences of our usage of the convention in a model application [7]. This paper exhibits an effective contributory gathering key understanding convention for secure correspondence between the lightweight little gadgets in subjective radio portable specially appointed systems. A Ternary tree based Group ECDH.2 (TGECDH.2) convention that uses a cluster rekeying calculation amid enrollment change is proposed in this paper. This ternary tree is an adjusted key tree in which proper insertion point is chosen for the joining individuals amid rekeying operation. TGECDH.2 joins the computational effectiveness of ECDH convention.

In all of KPS, broadcast encryption, traitor tracing and a rekey scheme, a user key is set up by a single central authority and there is a dependency between the keys of different users. The first three mechanisms also have a threshold for the number of corruptions. In our key agreement problem, a centralized setup is not convenient and it is also impossible to determine a corruption threshold. Hence, they are not reasonable candidates for a group key agreement in our setting. Unconditionally secure (interactive) key agreement has been considered in [3], [10], [12], [36]. Beimel and Chor [3] showed that the user key in this setting must be taken from a domain of size at least |S|τ, where S is the domain of the group key and τ is the maximum number of key agreements. If the user key is distributed uniformly (the typical case), it has an entropy of at least τ log|S|. In real applications, τ is usually large. Hence, this type of scheme does not provide an efficient solution even though it is unconditionally secure. We now survey the computationally secure group key agreement in a passive model. This started from the Diffie-Hellmanprotocol[21].Inthefollowing,weusethe tuple (a,b,c) to represent a protocol that has a rounds, b elements of messages per user (the unit is a field element in Z∗ p for a large prime p) and computation cost c. Ingemarsson et al. [25] designed a group key agreement for n users in a ring with an efficiency tuple (n−1,n−1,ne), where e stands for one exponentiation in Z∗ p. Burmester and Desmedt [17] designed a more efficient protocol with an efficiency tuple (2,2n,4e), after ignoring the exponentiations with small exponents and identifying one division with an exponentiation. Their protocol assumes a complete connectivity graph. Steiner et al. [37] proposed three protocols, where the most efficient one has an efficiency tuple (n + 1,4,5e). Their protocol assumes a complete connectivity graph and user n has a big computation cost of (n − 1)e and a communication cost of n − 1 messages. Wu et al. [39] proposed a transport-like protocol through a novel aggregate-signature based broadcast from pairing. Their protocol has one round (or 2 rounds if the group setup is counted), 3 elements of message from the initiator and computation cost of two pairings and one division, after the group public key has been setup, while the group public key needs one round and each user needs a cost (1+n)e+1p+[3(n−1)+1]m, where p is a pairing and m
is a multiplication. The strategy of a transport protocol usinganaggregatepublic-keyisalsoimplementedbyLv et al. [32] using NTRU, although we feel that it is hard to obtain a provable security as NTRU does not have. Both  assume a complete connectivity graph. Some group key agreements handle a group change through join and leave operations (similar to the strategy of a rekey scheme in a multi-cast); . We now survey the computationally secure group key agreement in an active model. Tzeng and Tzeng proposed protocols in the random oracle model, where the interesting construction has an efficiency tuple (2,3n,2n + 1). Bresson et al. [16] formalized a formal model for a group key agreement in the active model and made the protocol in [37] actively secure using a signature based authentication. Katz and Yung implemented the Burmester-Desmedt protocol in the active model with a signature based authenticator. Boyd and Gonz´alez-Nieto  proposed a transport-like 2-round protocol in the random oracle model, where one user needs to compute n public-key encryptions and each user has an outgoing message of length Ω(n). All the works in this paragraph assume a complete connectivity. We are interested in a protocol without a random oracle. From the discussion above, we can see that the passively secure protocols that are really relevant to us are . They do not rely on a random oracle and the long term secrets (if any) between users donothavedependency.Wewillcomparethemwithour protocols. The only issue when considered as a solution in our setting is that the connectivity graph in them is either a ring or a complete graph and is known to all users.Inoursetting,auserisonlyawareofhisneighbors and has no information about others. For actively secure protocols surveyed above, [16], [27] are interesting. But they only implemented passively secure protocols [17], [37]. We will not compare them with us since we are mainly concerned with the key agreement methodology (instead of how to obtain stronger security).

Conclusion

Group Key Agreement with Local Connectivity,We studied a group key agreement problem, where a user is only aware of his neighbors while the connectivity graph is arbitrary. In addition, users are initialized completely independent of each other. A group key agreement in this setting is very suitable for applications such as social networks. We constructed two passively secure protocols with contributiveness and proved lower bounds on a round complexity, demonstrating that our protocols are round efficient. Finally, we constructed an actively secure protocol from a passively secure one. In our work, we did not consider how to update the group key more efficiently than just running the protocol again, when user memberships are changing. We are not clear how to do this. One can either propose algorithms to our current protocols (as Dutta and Barua [22] did for [17]) or construct a completely new key agreement with these features. We leave it as an open question.