Open Access Open Access  Restricted Access Subscription Access

Analysis and Improvement of Key Distribution Scheme for Secure Group Communication


Affiliations
1 Department of Information and Telecommunication Engineering, Ming Chuan University, Taoyuan 333, Taiwan, Province of China
2 Department of Information and Computer Engineering, Chung Yuan Christian University, Taoyuan 320, Taiwan, Province of China
 

In a secure group communication, messages between a group coordinator and members are protected by session keys. If a group's membership changes, the session keys should be updated to insure forward secrecy and backward secrecy. Zhou and Huang proposed a key-updated scheme based on ciphertext-policy attribute encryption algorithm to improve the security of key-update mechanism, but their scheme is vulnerable: a malicious group member may send forged key-updatemessages to control the group. In this paper, we analyze the vulnerability in Zhou and Huang's scheme and propose an enhanced scheme. In our scheme, only the group initiator can update group keys and the verification of key-update mechanism is improved to prevent malicious insiders from controlling the group.We also give a security and performance analysis of our scheme.
User
Notifications
Font Size

Abstract Views: 64

PDF Views: 0




  • Analysis and Improvement of Key Distribution Scheme for Secure Group Communication

Abstract Views: 64  |  PDF Views: 0

Authors

Jia Ning Luo
Department of Information and Telecommunication Engineering, Ming Chuan University, Taoyuan 333, Taiwan, Province of China
Ming Hour Yang
Department of Information and Computer Engineering, Chung Yuan Christian University, Taoyuan 320, Taiwan, Province of China

Abstract


In a secure group communication, messages between a group coordinator and members are protected by session keys. If a group's membership changes, the session keys should be updated to insure forward secrecy and backward secrecy. Zhou and Huang proposed a key-updated scheme based on ciphertext-policy attribute encryption algorithm to improve the security of key-update mechanism, but their scheme is vulnerable: a malicious group member may send forged key-updatemessages to control the group. In this paper, we analyze the vulnerability in Zhou and Huang's scheme and propose an enhanced scheme. In our scheme, only the group initiator can update group keys and the verification of key-update mechanism is improved to prevent malicious insiders from controlling the group.We also give a security and performance analysis of our scheme.