Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’
Abstract To ensure private message exchange among the group members, it is desirable to construct secure and efficient group key management schemes. Moreover, these schemes are more versatile if they could support dynamic join or leave of group members. In IET Information Security 2014, Vijayakumar...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2023-03-01
|
| Series: | IET Information Security |
| Online Access: | https://doi.org/10.1049/ise2.12085 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849685783827447808 |
|---|---|
| author | Zhe Xia Yu Yang Fuyou Miao |
| author_facet | Zhe Xia Yu Yang Fuyou Miao |
| author_sort | Zhe Xia |
| collection | DOAJ |
| description | Abstract To ensure private message exchange among the group members, it is desirable to construct secure and efficient group key management schemes. Moreover, these schemes are more versatile if they could support dynamic join or leave of group members. In IET Information Security 2014, Vijayakumar et al. have introduced such a group key management scheme with lightweight overheads in both computation and communication. And this scheme has been used as a building block in many cryptographic protocols afterwards. In this paper, the authors demonstrate that Vijayakumar's scheme suffers some potential security weaknesses. First, after participating in the group communications for some sessions, a group member may still be able to obtain the group key after it leaves the group, and this violates the claimed security property of forward secrecy. Second, some colluding group members may derive another group member's long term secret key, and obviously, this has more serious consequences. One of the main reasons for the existence of these attacks is that the security analyses in Vijayakumar's scheme are informal and they cannot cover the dynamic environment. To address this issue, the authors’ suggestion is that heuristic arguments of security are not adequate in the design of cryptographic protocols, but formal security definitions and proofs are required. |
| format | Article |
| id | doaj-art-c72a7d505a8244d093a2c9d43f5f41c2 |
| institution | DOAJ |
| issn | 1751-8709 1751-8717 |
| language | English |
| publishDate | 2023-03-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Information Security |
| spelling | doaj-art-c72a7d505a8244d093a2c9d43f5f41c22025-08-20T03:22:58ZengWileyIET Information Security1751-87091751-87172023-03-0117230931410.1049/ise2.12085Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’Zhe Xia0Yu Yang1Fuyou Miao2School of Computer Science and Artificial Intelligence Wuhan University of Technology Wuhan ChinaSchool of Computer Science and Artificial Intelligence Wuhan University of Technology Wuhan ChinaSchool of Computer Science and Technology University of Science and Technology of China Hefei ChinaAbstract To ensure private message exchange among the group members, it is desirable to construct secure and efficient group key management schemes. Moreover, these schemes are more versatile if they could support dynamic join or leave of group members. In IET Information Security 2014, Vijayakumar et al. have introduced such a group key management scheme with lightweight overheads in both computation and communication. And this scheme has been used as a building block in many cryptographic protocols afterwards. In this paper, the authors demonstrate that Vijayakumar's scheme suffers some potential security weaknesses. First, after participating in the group communications for some sessions, a group member may still be able to obtain the group key after it leaves the group, and this violates the claimed security property of forward secrecy. Second, some colluding group members may derive another group member's long term secret key, and obviously, this has more serious consequences. One of the main reasons for the existence of these attacks is that the security analyses in Vijayakumar's scheme are informal and they cannot cover the dynamic environment. To address this issue, the authors’ suggestion is that heuristic arguments of security are not adequate in the design of cryptographic protocols, but formal security definitions and proofs are required.https://doi.org/10.1049/ise2.12085 |
| spellingShingle | Zhe Xia Yu Yang Fuyou Miao Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’ IET Information Security |
| title | Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’ |
| title_full | Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’ |
| title_fullStr | Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’ |
| title_full_unstemmed | Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’ |
| title_short | Comments on ‘Chinese Remainder Theorem‐based centralised group key management for secure multicast communication’ |
| title_sort | comments on chinese remainder theorem based centralised group key management for secure multicast communication |
| url | https://doi.org/10.1049/ise2.12085 |
| work_keys_str_mv | AT zhexia commentsonchineseremaindertheorembasedcentralisedgroupkeymanagementforsecuremulticastcommunication AT yuyang commentsonchineseremaindertheorembasedcentralisedgroupkeymanagementforsecuremulticastcommunication AT fuyoumiao commentsonchineseremaindertheorembasedcentralisedgroupkeymanagementforsecuremulticastcommunication |