Many group key agreement protocols (GKA) for secure group communication (SGC) based on the Diffie-Hellman key exchange principle have been proposed in literature. All of these protocols require member serialization and/or existence of a central entity. In this paper, we propose a simple group Diffie-Hellman key agreement protocol which removes these two limitations. Moreover, the new protocol n...

The Cliques protocols are extensions of the Diffie-Hellman key exchange protocol to a group setting. In this paper, we are analysing the A-GDH.2 suite that is intended to allow a group to share an authenticated key and to perform dynamic changes in the group constitution (adding and deleting members, ...). We are proposing an original method to analyze these protocols and are presenting a numbe...

In large-scale client-client communication environments, Password-Authenticated Key Exchange (PAKE) based on trusted server is very convenient in key management. For enhancing the efficiency and preventing various attacks, Wang and Mo proposed a three-PAKE protocol, Yoon and Yoo proposed a C2C-PAKE protocol. However, in this paper, we show that the Wang-Mo protocol and the Yoon-Yoo protocol exi...

Authenticated Key Exchange protocols enable several parties to establish a shared cryptographically strong key over an insecure network using various authentication means, such as strong cryptographic keys or short (i.e., low-entropy) common secrets. The latter example is definitely the most interesting in practice, since no additional device is required, but just a human-memorable password, fo...

Diffie –Hellman technique: extended to multiple two-party keys and one multi-party key Abstract: The two-party Diffie– Hellman (DH) key-exchanging technique is extended to generate (i) multiple two-party keys and (ii) one multi-party key. The participants in the former case exchange two public keys and generate 15 shared keys. Of these, 4 keys are called base keys, because they are used to gene...

UKS (unknown key-share) attacks are common attacks on AKE (Authenticated Key Exchange) protocols. We summarize two common countermeasures against UKS attacks on a kind of AKE protocols whose message flows are basic Diffie-Hellman exchanges. The first countermeasure forces the CA to check the possession of private key during registration, which is impractical for the CA. The second countermeasur...

In this paper, a packet construction mechanism using an ID-based factorial number structure (ID-based FNS) is proposed for a secure conference call system in an ad hoc network. We adopt the ID-based concept for a conference key generation in which each participant with one’s own public identity uses a pre-chosen secret-key to generate the exchange conference key for the conference call. Further...

The Internet Key Exchange (IKE) and Public Key Infrastructure for X.509 (PKIX) certificate profile both provide frameworks that must be profiled for use in a given application. This document provides a profile of IKE and PKIX that defines the requirements for using PKI technology in the context of IKE/IPsec. The document complements protocol specifications such as IKEv1 and IKEv2, which assume ...