TitleOne-round asymetric group key agreement from scratch and Broadcast in ad hoc networks
Date 18-06-2008 12:00
SummaryA group key agreement (GKA) protocol allows a set of members to establish a common secret via open networks. Observing that the main goal of GKAs for most applications is to establish a confidential channel among group members, we revisit the GKA definition and distinguish the conventional (symmetric) group key agreement from asymmetric group key agreement (ASGKA) protocols. In the latter notion, instead of a common secret key, only a shared encryption key is negotiated at the end of the protocol. This encryption key is accessible for attackers and corresponds to different decryption keys merely computable by each group member. We propose a generic construction of one-round ASGKAs based on a new primitive referred to as aggregatable homomorphic cryptosystem (AHC), in which the public key can be simultaneously used to verify signatures and encrypt messages while any signature can be used to decrypt ciphertexts under this public key. Using bilinear pairings, we realize an efficient AHC scheme and by following the generic construction, we instantiate a one-round ASGKA protocol tightly reduced to the decision Bilinear Diffie-Hellman Exponentiation (BDHE) assumption in the standard model. Finally, we illustrate how our one-round ASGKA protocol can be used to build dynamic broadcast with short ciphertext and short secret key in ad hoc networks.