CJ 04 - 092 . R 2 A robust multi - party key agreement protocol resistant to malicious participants †

By its very nature, a non-authenticated multi-party key agreement protocol cannot provide participant and message authentication, so it must rely on an authenticated network channel. This paper presents the inability of two famous multi-party key agreement protocols to withstand malicious participant attacks, even though their protocols are based on the authenticated network channel. This attack involves a malicious participant disrupting the multiparty key agreement among honest participants. In this case, other honest participants do not correctly agree on a common key. Obviously, the malicious participant cannot obtain the common key either, and the communication confidentiality among participants is not breached. However, in some emergency situations or applications, a multi-party key agreement protocol design that is resistant to malicious participants is an important consideration. Therefore, a nonauthenticated multi-party key agreement protocol resistant to malicious participants is proposed in this paper. The proposed robust protocol requires constant rounds to establish a common key. Each participant broadcasts a constant number of messages. Under the assumption of the Decision Diffie-Hellman problem and the random oracle model, we will show that the proposed protocol is provably secure against passive adversaries and malicious participants.