Abstract
Group Key Exchange (GKE) is required for secure group communication with high confidentiality. In particular, a trusted authority can handle issues that happen by the malicious actions of group members, but it is expensive to deploy and not suitable in a dynamic setting where the network requires frequent membership status changes. To overcome these issues, we designed yet another quantum-resistant constant-round GKE based on lattice without a trusted authority based on Apon et al.'s protocol (PQCrypto 2019) by modifying their key computation phase. Then, we describe the novel dynamic authenticated GKE (called DRAG) with membership addition/deletion procedures in Ring Learning with Errors (RLWE) setting, while the former ones are built from Diffie-Hellman problem. Under the specific adversary who can leak the long-term secret key from the party, we suggest a rigorous proof of DRAG in the random oracle model based on the hardness assumption of RLWE problem and the property of Renyi divergence. As a proof of concept, implementation details are described to meet level 1 NIST security. Our implementation is reasonable for practical use since the total runtime to get a group secret key takes about 3 msec and it can be considered as a reference implementation of other quantum-resistant GKEs.
Highlights
These days, network topology is becoming more and more complicated such as group chatting in instant messaging applications, file sharing between multiple parties, etc
Former dynamic Group Key Exchange (GKE) protocols rely on number-theoretic problems such as Diffie-Hellman problem which is vulnerable to quantum computing attacks
To make a quantum-resistant dynamic GKE protocol, underlying number-theoretic problems should be replaced by other quantum-resistant ones like Ring Learning with Errors (RLWE) problem
Summary
These days, network topology is becoming more and more complicated such as group chatting in instant messaging applications, file sharing between multiple parties, etc. Secure communication between multiple parties is required to keep the confidentiality of their messages. Key establishment is a pre-determined protocol where two or more parties make a shared secret for subsequent cryptographic use [1]. This can be subdivided into key transport and key agreement protocols. Key transport protocol enables one party to create a secret value and securely transfer it to other parties but key agreement protocol derives the shared secret of two or more parties as a function of information contributed by each party, so that no party can estimate the result.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
