Group Diie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to provide a pool of players with a shared secret key which may later be used, for example, to achieve multicast message integrity. Over the years, several schemes have been ooered. However, no formal treatment for this cryptographic problem has ever been suggested. In this paper, we present a security model for this...

Key establishment between two parties that uses only one message transmission is referred to as one-pass key establishment (OPKE). OPKE provides the opportunity for very efficient constructions, even though they will typically provide a lower level of security than the corresponding multi-pass variants. In this paper, we explore the intuitive connection between signcryption and OPKE. By establi...

Despite the importance of proofs in assuring protocol implementers about the security properties of key establishment protocols, many protocol designers fail to provide any proof of security. Flaws detected long after the publication and/or implementation of protocols will erode the credibility of key establishment protocols. We examine the class of key agreement protocols (without proofs of se...

We show that two new key exchange protocols with security based on the triple decomposition problem may have security based on the MSCSP.

The Bresson-Chevassut-Pointcheval (BCP) model is a formalism for the analysis of authenticated group key exchange protocols. Also there are some desired security goals for a practical group key exchange protocol, which are necessary in achieving resistance to active attacks mounted by an increasingly powerful adversary. However, whether a proved secure protocol in the BCP model can meet these s...

A new proposal for group key exchange is introduced which proves to be both efficient and secure and compares favorably with state of the art protocols.

In the paper we study parallel key exchange among multiple parties. The status of parallel key exchange can be depicted by a key graph. In a key graph, a vertex represents a party and an edge represents a relation of two parties who are to share a key. We first propose a security model for a key graph, which extends the Bellare-Rogaway model for two-party key exchange. Next, we clarify the rela...

Protocols for group key exchange are cryptographic algorithms that describe how a group of parties communicating over a public network can come up with a common secret key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been proposed over the years for a variety of settings. In this work, we present a new protocol for password-aut...

Minimizing complexity of group key exchange (GKE) protocols is an important milestone towards their practical deployment. An interesting approach to achieve this goal is to simplify the design of GKE protocols by using generic building blocks. In this paper we investigate the possibility of founding GKE protocols based on a primitive called multi key encapsulation mechanism (mKEM) and describe ...

Security models for two-party authenticated key exchange (AKE) protocols have developed over timeto prove the security of AKE protocols even when the adversary learns certain secret values. In this work,we address more granular leakage: partial leakage of long-term secrets of protocol principals, even after thesession key is established. We introduce a generic key exchange secur...