Stateful authenticated group key exchange (stAGKE) represents an important class of authenticated group key exchange (AGKE) such as tree-based AGKE. The computation of either ephemeral public key or session key in a new stAGKE session may be based on the ephemeral secret state from some previously established session. We notice that earlier AGKE models may be not able to provide appropriate security arguments for stAGKE. In this work, a new model is proposed for stAGKE to formulate security properties in particular for resistance to the leakage attacks on ephemeral key. To be of independent interest, the new model is also flexible, which can be used for analyzing either stateless or stateful AGKE protocols. We show the validity of our model by introducing a new tree-based protocol construction for stAGKE. The proposed scheme is proven secure in our new proposed model without random oracles.

• 出版日期2018-8
• 单位重庆理工大学