Abstract—The decentralized group key agreement scheme allows a group of participants to exchange private multicast messages via the protection of a group session key in the group. Recently, Zhu proposed the first group authentication key agreement scheme based on chaotic maps and the structure of a group is organized in an ordered chain. Thus each participant needs to establish two temporary two-party session keys with its predecessor and successor in a parallel algorithm. In order to cope with dynamic groups, the group session keys are frequently updated whenever a new member joins or a member leaves the group. Zhu claimed that the proposed scheme is secure against various attacks such as replay, man-in-the-middle, impersonation and key compromise attacks. Furthermore, Zhu extended the proposed scheme to high level security attributes such as privacy preserving, no clock synchronization problem, mutual and group authentication and perfect forward secrecy etc. However, in this paper, we found that Zhu’s scheme is vulnerable to successor impersonation problem and this weakness leads to a malicious adversary from deriving group session keys after impersonate attack. Moreover, their scheme is vulnerable to known key attack and this problem may lead to an adversary to compromise the previous and future group session keys. To overcome these security flaws, in this paper, we significantly improve the security of Zhu’s group key agreement scheme without increasing the communication overhead and computation complexity.
Index Terms—Cryptanalysis, chaotic maps, group key management, impersonation attack, privacy preserving.
Chun-Ta Li is with the Department of Information Management, Tainan University of Technology, Tainan City 71002, Taiwan, R.O.C. (e-mail: th0040@mail.tut.edu.tw).
Chi-Yao Weng is with the Department of Computer Science, Pingtung City 90003, Taiwan, R.O.C. (e-mail: cyweng@mail.nptu.edu.tw).
Chien-Ming Chen is with the School of Computer Science and Technology, Harbin Institute of Technology Shenzhen Graduate School, Shenzhen 518055, P.R. China (e-mail: chienming.taiwan@gmail.com).
Cheng-Chi Lee is with the Department of Library and Information Science, Fu Jen Catholic University, New Taipei City 24205, Taiwan, R.O.C. and with the Department of Photonics and Communication Engineering, Asia University, Taichung City 41354, Taiwan, R.O.C. (e-mail: cclee@mail.fju.edu.tw).
[PDF]
Cite:Chun-Ta Li, Chi-Yao Weng, Chien-Ming Chen, and Cheng-Chi Lee, "An Improved Group Key Agreement Scheme with Privacy Preserving Based on Chaotic Maps," Journal of Advances in Computer Networks vol. 6, no. 1, pp. 1-6, 2018.
