Round-Efficient and Sender-Unrestricted Dynamic Group Key Agreement Protocol for Secure Group Communications

Modern collaborative and group-oriented applications typically involve communications over open networks. Given the openness of today's networks, communications among group members must be secure and, at the same time, efficient. Group key agreement (GKA) is widely employed for secure group communications in modern collaborative and group-oriented applications. This paper studies the problem of GKA in identity-based cryptosystems with an emphasis on round-efficient, sender-unrestricted, member-dynamic, and provably secure key escrow freeness. The problem is resolved by proposing a one-round dynamic asymmetric GKA protocol which allows a group of members to dynamically establish a public group encryption key, while each member has a different secret decryption key in an identity-based cryptosystem. Knowing the group encryption key, any entity can encrypt to the group members so that only the members can decrypt. We construct this protocol with a strongly unforgeable stateful identity-based batch multisignature scheme. The proposed protocol is shown to be secure under the k-bilinear Diffie-Hellman exponent assumption.