Group Key Exchange (GKE) is required for secure group communication with high confidentiality. In particular, a trusted authority can handle issues that happen by the malicious actions of group members,… Click to show full abstract
Group Key Exchange (GKE) is required for secure group communication with high confidentiality. In particular, a trusted authority can handle issues that happen by the malicious actions of group members, but it is expensive to deploy and not suitable in a dynamic setting where the network requires frequent membership status changes. To overcome these issues, we designed yet another quantum-resistant constant-round GKE based on lattice without a trusted authority based on Apon et al.’s protocol (PQCrypto 2019) by modifying their key computation phase. Then, we describe the novel dynamic authenticated GKE (called DRAG) with membership addition/deletion procedures in Ring Learning with Errors (RLWE) setting, while the former ones are built from Diffie-Hellman problem. Under the specific adversary who can leak the long-term secret key from the party, we suggest a rigorous proof of DRAG in the random oracle model based on the hardness assumption of RLWE problem and the property of Rényi divergence. As a proof of concept, implementation details are described to meet level 1 NIST security. Our implementation is reasonable for practical use since the total runtime to get a group secret key takes about 3 msec and it can be considered as a reference implementation of other quantum-resistant GKEs.
               
Click one of the above tabs to view related content.