Improving Choi et al.’s ID-based Authenticated Group Key Agreement Scheme at PKC2004

In modern network computing, authenticated group key agreement (AGKA) is important for conferencing. After Shamir [2] proposed the ID-based cryptosystem in 1984, the various applications on the ID-based cryptosystem have been actively studied, due to the simple key management complexity. For the AGKA, Choi et al. [16] proposed an ID-based authenticated group key agreement with bilinear maps, which was extended from Burmester and Desmedt conference key agreement protocol [5]. After that, Zhang and Chen [15] showed that the impersonation attack on Choi et al. protocol is feasible when two malicious users have the previous authentication transcripts of the entity. Shim [19] showed that the insider colluding attacks can be done without the previous transcripts. In this paper, we propose an improved ID-based AGKA. In our scheme, Key Generation Center (KGC) keeps the list of randomized user index instead of only generating private key. The random user indexing means KGC shuffles the order of users’ indices by randomizing to hide it so that the malicious users cannot know the order. KGC also verify all users than only verifies 3 users in Choi et al.’s protocol. Our protocol can prevent replay attack of Zhang and Chen and insider colluding attack of Shim.