Cryptanalysis of a Group Key Transfer Protocol Based on Secret Sharing: Generalization and Countermeasures

Group key distribution protocol is a mechanism in which a group key is generated and distributed by KGC to a set of communicating parties in a group. This group key generally ensures secure communication among communicating parties in an unsecure channel. Harn and Lin protocol is one such. It is based on Shamir\u27s secret sharing scheme. Nam et al. exposed the vulnerability in Harn and Lin protocol through their replay attack and proposed a countermeasure using nonce mechanism. In this paper, we are generalizing the replay attack proposed by Nam et al. and proposing an alternative countermeasure without using nonce mechanism. Novelty of our countermeasure is that KGC is not required to detect replay messages and hence each user doesn\u27t need to compute authentication message as in Nam et al. Proposed countermeasure thereby brings down the computational complexity of the scheme

A novel Group Key Transfer Protocol

Group key transfer protocols depend on a mutually trusted key generation center (KGC) to transport the group key to all group members secretly. This approach requires that a trusted sever be set up, and it incurs communication overhead costs. In addition, the existing group key transfer protocols based on secret sharing all use threshold schemes that need to compute a -degree interpolating polynomial to encrypt and decrypt the secret group key, then it increases the computational complexity of system. In this paper, we first present a novel group key transfer protocol without an online KGC, which is based on DH key agreement and a perfect linear secret sharing scheme (LSSS). The confidentiality of the group key transfer phase of this protocol is information theoretically secure, which is ensured by this LSSS. Furthermore, this protocol can resist potential attacks and also reduce the overhead of system implementation. Goals and security threats of our proposed group key transfer protocol will be analyzed in detail