A Blockchain-Based Authentication and Dynamic Group Key Agreement Protocol
Abstract
1. Introduction
- In our protocol, before negotiating the group key, each group member only needs to authenticate its left neighbor once and perform batch authentication once, instead of implementing mutual authentication between group members, which reduces much of the computation and communication costs.
- The blockchain can be regarded as a shared distributed ledger [10], which can effectively solve the problem of single node failure. Therefore, we use the blockchain to store the public parameters and registration information of all group members. This allows our protocol to solve the problem of single node failure, while also making all the parameters and information stored in the blockchain unmodifiable [11]. In addition, based on blockchain technology, group members can join any group in the entire system after completing registration on any server, which improves convenience.
- In our protocol, when group members join or leave a group, they only need to update the parameters of an adjacent group member, which also improves the scalability of our protocol.
- Our protocol guarantees the forward secrecy of group members after joining the group and the backward secrecy of group members after leaving the group.
2. Related Works
- (1) Centralized group key agreement protocol:
- (2) Decentralized group key agreement protocol:
- (3) Distributed group key agreement protocol:
3. Preliminaries
3.1. Network Model
3.2. Threat Model
- The adversary has the ability to intercept all data transmitted over unsecured channels, and he/she can inject new data and replace or replay the previously sent data.
- All KDCs are semi-trusted parties, which means that they may misbehave themselves, but do not conspire with any other KDC [30].
- With the help of a Tamper-Proof Device (TPD), we assume that even if the adversary compromises the KDC, he/she cannot extract any secret keys from it.
- The adversary has the ability to capture any number of s and can access all the secret information stored in the ’s memory by capturing attack.
3.3. Bilinear Pairing
- Bilinearity: and , are satisfied.
- Non-degenerate: such that .
- Computable: for all , there is always an effective algorithm to compute .
- Elliptic Curve Discrete Logarithm problem (ECDL): Let , given , and compute a.
- Computational Diffie–Hellman problem (CDH): Let , given , , and , and find .
- Decisional Diffie–Hellman problem (DDH): Let , given , , , and , and decide if .
4. Proposed Protocol
4.1. Initialization Phase
4.2. Registration Phase
4.3. Mutual Authentication Phase
4.4. Group Key Generation Phase
4.5. Join Phase
4.6. Leave Phase
4.7. Internal Attacker Detection Process
5. Security and Performance Analysis
5.1. Correctness Analysis
5.2. Simulation Based on the ProVerif Tool
5.3. Informal Security Analysis
5.3.1. Impersonation Attack
5.3.2. Capture Attack
5.3.3. Replay Attack
5.3.4. Forward Secrecy after a New Joins
5.3.5. Backward Secrecy after a Leaves
5.3.6. Single Node Failure
6. Performance Analysis and Comparison
6.1. Computation Cost
6.2. Communication Cost
6.3. Comparison with Related Protocols
7. Conclusions
Author Contributions
Funding
Conflicts of Interest
Abbreviations
MEC | Mobile Edge Computing |
SCM | Small Cell Manager |
SCC | Small Cell Cloud |
GN | General Node |
KDC | Key Distribution Center |
LKH | Logical Key Hierarchy |
TPD | Tamper-Proof Device |
ECC | Elliptic Curve Cryptography |
SA | System Administrator |
ECDL | Elliptic Curve Discrete Logarithm problem |
CDH | Computational Diffie–Hellman problem |
DDH | Decisional Diffie–Hellman problem |
References
- Rafaeli, S.; Hutchison, D. A survey of key management for secure group communication. ACM Comput. Surv. CSUR 2003, 35, 309–329.
- Wang, T.; Qiu, L.; Sangaiah, A.K.; Liu, A.; Bhuiyan, M.Z.A.; Ma, Y. Edge-Computing-Based Trustworthy Data Collection Model in the Internet of Things. IEEE Internet Things J. 2020, 7, 4218–4227.
- Mach, P.; Becvar, Z. Mobile edge computing: A survey on architecture and computation offloading. IEEE Commun. Surv. Tutorials 2017, 19, 1628–1656.
- Gong, L.; Shacham, N. Multicast security and its extension to a mobile environment. Wirel. Netw. 1995, 1, 281–295.
- Liang, W.; Huang, W.; Long, J.; Zhang, K.; Li, K.C.; Zhang, D. Deep reinforcement learning for resource protection and real-time detection in IoT environment. IEEE Internet Things J. 2020, 7, 6392–6401.
- Wang, T.; Cao, Z.; Wang, S.; Wang, J.; Qi, L.; Liu, A.; Xie, M.; Li, X. Privacy-enhanced data collection based on deep learning for Internet of vehicles. IEEE Trans. Ind. Inform. 2019, 16, 6663–6672.
- Islam, S.H.; Obaidat, M.S.; Vijayakumar, P.; Abdulhay, E.; Li, F.; Reddy, M.K.C. A robust and efficient password-based conditional privacy preserving authentication and group-key agreement protocol for VANETs. Future Gener. Comput. Syst. 2018, 84, 216–227.
- Naresh, V.S.; Reddi, S.; Murthy, N.V. A provably secure cluster-based hybrid hierarchical group key agreement for large wireless ad hoc networks. Hum. Centric Comput. Inf. Sci. 2019, 9, 26.
- Zheng, J.; Yang, C.; Xue, J.; Zhang, C. A Dynamic ID-based Authenticated Group Key Agreement Protocol. In Proceedings of the 2015 4th National Conference on Electrical, Electronics and Computer Engineering, Xi’an, China, 12–13 December 2015; Atlantis Press: Xi’an, China, 2015.
- Hussien, H.M.; Yasin, S.M.; Udzir, S.; Zaidan, A.A.; Zaidan, B.B. A systematic review for enabling of develop a blockchain technology in healthcare application: Taxonomy, substantially analysis, motivations, challenges, recommendations and future direction. J. Med. Syst. 2019, 43, 320.
- Zubaydi, H.D.; Chong, Y.W.; Ko, K.; Hanshi, S.M.; Karuppayah, S. A review on the role of blockchain technology in the healthcare domain. Electronics 2019, 8, 679.
- Seetha, R.; Saravanan, R. A survey on group key management schemes. Cybern. Inf. Technol. 2015, 15, 3–25.
- Barskar, R.; Chawla, M. A survey on efficient group key management schemes in wireless networks. Indian J. Sci. Technol. 2016, 9, 14.
- Wong, C.K.; Gouda, M.; Lam, S.S. Secure group communications using key graphs. IEEE/ACM Trans. Netw. 2000, 8, 16–30.
- Mittra, S. Iolus: A framework for scalable secure multicasting. In ACM SIGCOMM Computer Communication Review; ACM: New York, NY, USA, 1997; Volume 27, pp. 277–288.
- Setia, S.; Koussih, S.; Jajodia, S.; Harder, E. Kronos: A scalable group re-keying approach for secure multicast. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, S&P 2000, Berkeley, CA, USA, 14–17 May 2000; IEEE: Piscataway, NY, USA, 2000; pp. 215–228.
- Gupta, S.; Kumar, A.; Kumar, N. Design of ECC based authenticated group key agreement protocol using self-certified public keys. In Proceedings of the 2018 4th International Conference on Recent Advances in Information Technology (RAIT), Dhanbad, India, 15–17 March 2018; IEEE: Piscataway, NY, USA, 2018; pp. 1–5.
- Zheng, J.; Zhang, X.; Zhang, Q.; Zhang, Q.; Zhang, C. Multi-domain lightweight asymmetric group key agreement. Chin. J. Electron. 2018, 27, 1085–1091.
- Wang, L.; Tian, Y.; Zhang, D.; Lu, Y. Constant-round authenticated and dynamic group key agreement protocol for D2D group communications. Inf. Sci. 2019, 503, 61–71.
- Boneh, D.; Lynn, B.; Shacham, H. Short signatures from the Weil pairing. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security, Gold Coast, Australia, 9–13 December 2001; Springer: Berlin/Heidelberg, Germany, 2001; pp. 514–532.
- Zhang, Q.; Gan, Y.; Zhang, Q.; Wang, R.; Tan, Y.A. A dynamic and cross-domain authentication asymmetric group key agreement in telemedicine application. IEEE Access 2018, 6, 24064–24074.
- Kavitha, S.; Alphonse, P.; Reddy, Y.V. An Improved Authentication and Security on Efficient Generalized Group Key Agreement Using Hyper Elliptic Curve Based Public Key Cryptography for IoT Health Care System. J. Med. Syst. 2019, 43, 260.
- Geng, M.; Zhang, F.; Gao, M. A secure certificateless authenticated group key agreement protocol. In Proceedings of the 2009 International Conference on Multimedia Information Networking and Security, Wuhan, China, 18–20 November 2009; IEEE: Piscataway, NY, USA, 2009; Volume 1, pp. 342–346.
- Zhang, Q.; Wang, R.; Tan, Y. Identity-based authenticated asymmetric group key agreement. J. Comput. Res. Dev. 2014, 51, 1727–1738.
- Shi, Y.; Chen, G.; Li, J. ID-based one round authenticated group key agreement protocol with bilinear pairings. In Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC’05)-Volume II, Las Vegas, NV, USA, 4–6 April 2005; IEEE: Piscataway, NY, USA, 2005; Volume 1, pp. 757–761.
- Alphonse, P.; Reddy, Y.V. A method for obtaining authenticated scalable and efficient group key agreement for wireless ad-hoc networks. Clust. Comput. 2019, 22, 3145–3151.
- Kiayias, A.; Russell, A.; David, B.; Oliynykov, R. Ouroboros: A provably secure proof-of-stake blockchain protocol. In Proceedings of the Annual International Cryptology Conference, Santa Barbara, CA, USA, 18–22 August 2017; Springer: Berlin/Heidelberg, Germany, 2017; pp. 357–388.
- Liang, W.; Fan, Y.; Li, K.C.; Zhang, D.; Gaudiot, J.L. Secure data storage and recovery in industrial blockchain network environments. IEEE Trans. Ind. Inform. 2020, 16, 6543–6552.
- Liang, W.; Zhang, D.; Lei, X.; Tang, M.; Li, K.C.; Zomaya, A. Circuit Copyright Blockchain: Blockchain-based Homomorphic Encryption for IP Circuit Protection. IEEE Trans. Emerg. Top. Comput. 2020.
- Franklin, M.K.; Reiter, M.K. Fair exchange with a semi-trusted third party. In Proceedings of the 4th ACM Conference on Computer and Communications Security, Zurich, Switzerland, 1–4 April 1997; pp. 1–5.
- Xu, Z.; Xu, C.; Chen, H.; Yang, F. A lightweight anonymous mutual authentication and key agreement scheme for WBAN. Concurr. Comput. Pract. Exp. 2019, 31, e5295.
- Blanchet, B.; Smyth, B. Automated reasoning for equivalences in the applied pi calculus with barriers. J. Comput. Secur. 2018, 26, 367–422.
- Carman, D.W.; Kruus, P.S.; Matt, B.J. Constraints and Approaches for Distributed Sensor Network Security (Final); Technical Report; The Security Research Division of Network Associates Inc: Glenwood, MD, USA, 1 September 2000.
- Makri, E.; Konstantinou, E. Constant round group key agreement protocols: A comparative study. Comput. Secur. 2011, 30, 643–678.
- He, D.; Zeadally, S.; Kumar, N.; Wu, W. Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures. IEEE Trans. Inf. Forensics Secur. 2016, 119, 2052–2064.
Symbol | Description |
---|---|
SA | System Administrator |
KDC | Key Distribution Center |
General node | |
q | A large prime number |
Cyclic additive groups of prime order q | |
Cyclic multiplicative groups of prime order q | |
Q | The generator of |
e | Bilinear pairing |
The identity of | |
The identity of the group | |
L | A circular list that stores all -related information in the group |
s | The KDC’s private key |
The KDC’s public key | |
, | The ’s public key |
, | The ’s private key |
, | Timestamp |
The timestamp when the latest information was received | |
Maximum communication transmission delay | |
Symmetric key | |
Symmetric encryption algorithm | |
Symmetric decryption algorithm | |
Hash operation | |
Group key | |
⊕ | Bitwise XOR operation |
Concatenation of data a and data b |
Zheng et al. [9] | Zhang et al. [21] | Gupta et al. [17] | Our Protocol | |
---|---|---|---|---|
Point multiplication operations on ECC | ||||
Bilinear pairing | 6 | 0 | 4 | |
Hash operation | 0 | 5 | ||
Symmetric encryption or decryption | 4 | 0 | 0 | 2 |
Point addition operations on ECC | 0 | |||
Message length sent by each group member | - | |||
Message length received by each group member | - | |||
Total sent message length | ||||
Total received message length |
Operations | Energy Consumption |
---|---|
0.00217 mJ | |
8.8 mJ | |
0.001085 mJ | |
0.000108 mJ | |
47 mJ | |
Transmitting a bit | 0.00066 mJ |
Receiving a bit | 0.00031 mJ |
© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Xu, Z.; Li, F.; Deng, H.; Tan, M.; Zhang, J.; Xu, J. A Blockchain-Based Authentication and Dynamic Group Key Agreement Protocol. Sensors 2020, 20, 4835. https://doi.org/10.3390/s20174835