International Association for Cryptologic Research



Paper: One Round Group Key Exchange with Forward Security in the Standard Model

M. Choudary Gorantla
Juan Manuel González Nieto
Colin Boyd
Abstract: Constructing a one round group key exchange (GKE) protocol that provides forward secrecy is an open problem in the literature. In this paper, we investigate whether or not the security of one round GKE protocols can be enhanced with any form of forward secrecy without increasing the number of rounds. We apply the key evolving approach used for forward secure encryption/signature schemes and then model the notion of forward security for the first time for key exchange protocols. This notion is slightly weaker than forward secrecy, considered traditionally for key exchange protocols. We then revise an existing one round GKE protocol to propose a GKE protocol with forward security. In the security proof of the revised protocol we completely avoid reliance on the random oracle assumption that was needed for the proof of the base protocol. Our security proof can be directly applied to the base protocol, making it the most efficient one round GKE protocol secure in the standard model. Our one round GKE protocol is generically constructed from the primitive of forward secure encryption. We also propose a concrete forward secure encryption scheme with constant size ciphertext that can be used to efficiently instantiate our protocol.
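The abstract's distinction between key-evolving forward security and traditional forward secrecy is easy to see on a toy model. The following Python is an added illustration written for this page, not the paper's scheme and not code by the authors: it uses a symmetric, hash-based key update (assumed here purely for illustration; the paper builds on forward secure public-key encryption), and the `Party`, `evolve`, `session_key` and `attacker_recovers` names are this example's own. The point it shows is the one the abstract makes: a secret leaked in period t lets the adversary recompute every session key of period t and later (so this is weaker than forward secrecy, where exposing the long-term key never reveals already-completed sessions), but no session key of any earlier period, because the update is one-way and the old secret is erased.

```python
import hashlib
import hmac
from typing import Optional

# Constructed, illustrative key-evolving secret (NOT the paper's construction).
# sk_{t+1} = H("evolve" || sk_t); the previous value is discarded after the update.


def evolve(sk: bytes) -> bytes:
    """One-way update of the per-period secret."""
    return hashlib.sha256(b"evolve" + sk).digest()


def session_key(sk: bytes, period: int, transcript: bytes) -> bytes:
    """Session key bound to the period secret, the period index and the public transcript."""
    msg = b"session" + period.to_bytes(4, "big") + transcript
    return hmac.new(sk, msg, hashlib.sha256).digest()


class Party:
    """Holds only the current period's secret; earlier secrets are gone."""

    def __init__(self, initial_secret: bytes):
        self.period = 0
        self.sk = initial_secret

    def advance(self) -> None:
        self.sk = evolve(self.sk)  # old sk overwritten: assumed securely erased
        self.period += 1

    def run_session(self, transcript: bytes) -> bytes:
        return session_key(self.sk, self.period, transcript)


def attacker_recovers(leaked_sk: bytes, leaked_period: int,
                      target_period: int, transcript: bytes) -> Optional[bytes]:
    """What an adversary holding sk_{leaked_period} can compute for target_period.

    Forward (later or same period): evolve the leaked secret and derive the key.
    Backward (earlier period): would require inverting the one-way update, so nothing.
    """
    if target_period < leaked_period:
        return None
    sk = leaked_sk
    for _ in range(target_period - leaked_period):
        sk = evolve(sk)
    return session_key(sk, target_period, transcript)


def simulate() -> dict:
    """Run three periods, leak the secret in period 2, and compare what the adversary gets."""
    # Constructed sample inputs: a fixed initial secret and one public transcript per period.
    party = Party(b"\x11" * 32)
    transcripts = {0: b"round-1 msgs p0", 1: b"round-1 msgs p1",
                   2: b"round-1 msgs p2", 3: b"round-1 msgs p3"}
    real = {}
    leaked_sk = None
    for t in range(4):
        real[t] = party.run_session(transcripts[t])
        if t == 2:
            leaked_sk = party.sk  # compromise happens during period 2
        if t < 3:
            party.advance()
    guessed = {t: attacker_recovers(leaked_sk, 2, t, transcripts[t]) for t in range(4)}
    return {"real": real, "guessed": guessed}


if __name__ == "__main__":
    out = simulate()
    for t in range(4):
        status = "exposed" if out["guessed"][t] == out["real"][t] else "safe"
        print(f"period {t}: {status}")
```

Periods 0 and 1 print "safe" and periods 2 and 3 print "exposed": exactly the forward security guarantee the abstract describes, and exactly the gap between it and full forward secrecy (period 2's own sessions fall).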
  title={One Round Group Key Exchange with Forward Security in the Standard Model},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / group key exchange, forward security, key evolving, standard model},
  note={ 14656 received 16 Feb 2010},
  author={M. Choudary Gorantla and Juan Manuel Gonz\'alez Nieto and Colin Boyd},