Abstract

Multi-Party Non-Interactive Key Exchange (MP-NIKE) is a fundamental cryptographic primitive in which users register with a key generation centre and each receives a public/private key pair. After that, any subset of these users can compute a shared key without any interaction. IoT devices currently suffer from the number and size of the messages exchanged by their Key Management Protocol (KMP). An MP-NIKE scheme overcomes this by eliminating the airtime and latency of the messages transferred between IoT devices. MP-NIKE schemes can be realized using multilinear maps, and there have been several attempts to construct multilinear maps from indistinguishability obfuscation, lattices and the Chinese Remainder Theorem (CRT). Nevertheless, these constructions are inefficient in terms of computation cost and memory overhead, and several attacks have recently been reported against CRT-based and lattice-based multilinear maps. Only one modular-exponentiation-based MP-NIKE scheme in the literature has been claimed to be both secure and efficient. In this article, we present an attack on this scheme based on the Euclidean algorithm, in which two colluding users can obtain the shared key of any arbitrary subgroup of users. We also propose an efficient and secure MP-NIKE scheme and show that it is secure in the random oracle model, assuming the hardness of root extraction modulo a composite number.
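The abstract reduces the security of the proposed scheme to the hardness of root extraction modulo a composite number. The following added example (not code from the paper, and not an implementation of either the Eskeland scheme or the proposed MP-NIKE scheme) makes that assumption concrete: given N = p·q, a public exponent e and y = x^e mod N, recovering x is easy for anyone who holds the factorization (the trapdoor), and otherwise is only as hard as factoring N. The primes, exponent and message are toy-sized constructed values; the helper names are this example's own.

```python
"""Root extraction modulo a composite N (the RSA-type assumption).

Added illustration of the hardness assumption named in the abstract.
It is NOT the paper's MP-NIKE scheme; parameters are toy-sized and
constructed so that the 'attacker' path (factoring N) is feasible here.
"""
from math import gcd, isqrt


def keygen(p: int, q: int, e: int):
    """Return (N, d): public modulus and the trapdoor exponent d = e^-1 mod phi(N).

    Assumes p and q are distinct primes and gcd(e, phi(N)) == 1.
    """
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(N)")
    d = pow(e, -1, phi)          # modular inverse (Python >= 3.8)
    return n, d


def raise_to_e(x: int, e: int, n: int) -> int:
    """The easy direction: y = x^e mod N (one modular exponentiation)."""
    return pow(x, e, n)


def extract_root_with_trapdoor(y: int, d: int, n: int) -> int:
    """Holder of d recovers the e-th root: x = y^d mod N."""
    return pow(y, d, n)


def factor_by_trial_division(n: int):
    """Recover (p, q) for a toy modulus. Infeasible for real (>=2048-bit) N,
    which is exactly why root extraction is assumed hard without the trapdoor."""
    for cand in range(2, isqrt(n) + 1):
        if n % cand == 0:
            return cand, n // cand
    raise ValueError("no nontrivial factor found")


def extract_root_by_factoring(y: int, e: int, n: int) -> int:
    """Attacker path: factor N, rebuild d, then take the root.
    Succeeds only because N is small enough to factor."""
    p, q = factor_by_trial_division(n)
    d = pow(e, -1, (p - 1) * (q - 1))
    return pow(y, d, n)


if __name__ == "__main__":
    # constructed toy parameters: p=61, q=53 -> N=3233, e=17
    N, D = keygen(61, 53, 17)
    Y = raise_to_e(65, 17, N)
    print("y =", Y)                                    # 2790
    print("trapdoor root =", extract_root_with_trapdoor(Y, D, N))   # 65
    print("factoring root =", extract_root_by_factoring(Y, 17, N))  # 65
```

With the toy modulus both roots come back identical; the security argument in the paper rests on the second path being infeasible once N is of cryptographic size, while the trapdoor path stays cheap for the legitimate party.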

Highlights

  • In a key distribution scheme, an off-line Key Generation Center (KGC) distributes keying information through a secure channel to every node in the network

  • Ma and Zhandry proposed another multilinear map based on CLT13 which is provably secure against previously known attacks, but its security is not proven in the standard security model [48]

  • Preliminaries: we introduce the notations used in this paper, the necessary definitions and lemmas, and the general model of Non-Interactive Key Exchange (NIKE)


Summary

INTRODUCTION

In a key distribution scheme, an off-line Key Generation Center (KGC) distributes keying information through a secure channel to every node (user) in the network. The Simple Password-Based Encrypted Key Exchange (SPAKE2) protocol [5] provides forward secrecy, but, besides being only two-party, it is interactive and requires a password agreed between the two users. This means that any two users must first somehow agree on a shared password, so it is not efficient at all. The proposed MP-NIKE scheme provides resilience and enables any subset of sensors to efficiently compute a shared key without any interaction; adding new nodes in the future can be handled quickly. The computation cost of the proposed protocol for computing a shared key for a group W of size |W| is only |W|−1 modular exponentiations, and every user needs to store just one public/private key pair of small size.

RELATED WORK
NIKE GENERAL MODEL
MP-NIKE SECURITY MODEL
THE ESKELAND SCHEME
ATTACK ON THE ESKELAND SCHEME
NOVEL MP-NIKE SCHEME
SECURITY ANALYSIS
STEP 1
STEP 2
CONCLUSION