{"title":"Comments on ‘Chinese Remainder Theorem-based centralised group key management for secure multicast communication’","authors":"Zhe Xia, Yu Yang, Fuyou Miao","doi":"10.1049/ise2.12085","DOIUrl":null,"url":null,"abstract":"<p>To ensure private message exchange among the group members, it is desirable to construct secure and efficient group key management schemes. Moreover, these schemes are more versatile if they could support dynamic join or leave of group members. In IET Information Security 2014, Vijayakumar et al. have introduced such a group key management scheme with lightweight overheads in both computation and communication. And this scheme has been used as a building block in many cryptographic protocols afterwards. In this paper, the authors demonstrate that Vijayakumar's scheme suffers some potential security weaknesses. First, after participating in the group communications for some sessions, a group member may still be able to obtain the group key after it leaves the group, and this violates the claimed security property of forward secrecy. Second, some colluding group members may derive another group member's long term secret key, and obviously, this has more serious consequences. One of the main reasons for the existence of these attacks is that the security analyses in Vijayakumar's scheme are informal and they cannot cover the dynamic environment. To address this issue, the authors’ suggestion is that heuristic arguments of security are not adequate in the design of cryptographic protocols, but formal security definitions and proofs are required.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 2","pages":"309-314"},"PeriodicalIF":1.3000,"publicationDate":"2022-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12085","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/ise2.12085","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 1
Abstract
To ensure private message exchange among the group members, it is desirable to construct secure and efficient group key management schemes. Moreover, these schemes are more versatile if they could support dynamic join or leave of group members. In IET Information Security 2014, Vijayakumar et al. have introduced such a group key management scheme with lightweight overheads in both computation and communication. And this scheme has been used as a building block in many cryptographic protocols afterwards. In this paper, the authors demonstrate that Vijayakumar's scheme suffers some potential security weaknesses. First, after participating in the group communications for some sessions, a group member may still be able to obtain the group key after it leaves the group, and this violates the claimed security property of forward secrecy. Second, some colluding group members may derive another group member's long term secret key, and obviously, this has more serious consequences. One of the main reasons for the existence of these attacks is that the security analyses in Vijayakumar's scheme are informal and they cannot cover the dynamic environment. To address this issue, the authors’ suggestion is that heuristic arguments of security are not adequate in the design of cryptographic protocols, but formal security definitions and proofs are required.
为了保证群组成员之间的私有消息交换,需要构建安全高效的群组密钥管理方案。此外,如果这些方案能够支持群组成员的动态加入或离开,则这些方案将更加通用。在IET Information Security 2014中,Vijayakumar等人引入了这样一种组密钥管理方案,该方案在计算和通信方面的开销都很轻。此后,该方案被用作许多加密协议的构建块。在本文中,作者证明了Vijayakumar的方案存在一些潜在的安全弱点。首先,在参与了某些会话的组通信之后,组成员可能在离开组后仍然能够获得组密钥,这违反了所声称的前向保密的安全属性。其次,一些串通的组成员可能会获得另一个组成员的长期秘密密钥,显然,这有更严重的后果。这些攻击存在的主要原因之一是Vijayakumar方案中的安全分析是非正式的,它们不能涵盖动态环境。为了解决这个问题,作者的建议是,安全性的启发式论证在加密协议的设计中是不够的,而需要正式的安全定义和证明。
期刊介绍:
IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls.
Scope:
Access Control and Database Security
Ad-Hoc Network Aspects
Anonymity and E-Voting
Authentication
Block Ciphers and Hash Functions
Blockchain, Bitcoin (Technical aspects only)
Broadcast Encryption and Traitor Tracing
Combinatorial Aspects
Covert Channels and Information Flow
Critical Infrastructures
Cryptanalysis
Dependability
Digital Rights Management
Digital Signature Schemes
Digital Steganography
Economic Aspects of Information Security
Elliptic Curve Cryptography and Number Theory
Embedded Systems Aspects
Embedded Systems Security and Forensics
Financial Cryptography
Firewall Security
Formal Methods and Security Verification
Human Aspects
Information Warfare and Survivability
Intrusion Detection
Java and XML Security
Key Distribution
Key Management
Malware
Multi-Party Computation and Threshold Cryptography
Peer-to-peer Security
PKIs
Public-Key and Hybrid Encryption
Quantum Cryptography
Risks of using Computers
Robust Networks
Secret Sharing
Secure Electronic Commerce
Software Obfuscation
Stream Ciphers
Trust Models
Watermarking and Fingerprinting
Special Issues. Current Call for Papers:
Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
