International Journal of Network Security, Vol.17, No.5, PP.510-516, Sept. 2015 510 An Extended Identity Based Authenticated Asymmetric Group Key Agreement Protocol Reddi Siva Ranjani, D. Lalitha Bhaskari, P. S. Avadhani (Corresponding author: Reddi Siva Ranjani) Department of Computer Science and Systems Engineering, Andhra University Visakhapatnam, Andhra pradesh, India. (Email: rsivaranjani552008@gmail.com) (Received Sept. 29, 2013; revised and accepted Feb. 18 & Mar. 13, 2014) Abstract Lei et al. [26] proposed a new asymmetric group key agree- ment protocol allowing a set of users to negotiate a com- mon encryption key accessible by any user, and each user holds her respective decryption key. This enables the con- fidential message communication among group users, and grants any outsider to send message to the group. In this paper, an authenticated asymmetric group key agreement protocol is proposed, which offers security against active as well as passive attacks. Proposed protocol uses broad- cast encryption mechanism without relying on the trusted dealer to distribute the secret key. An identity based fea- ture is included in the protocol to provide authentication. Keywords: Identity based, group key agreement, pairings, public key cryptography 1 Introduction Group Key Agreement (GKA) Protocols [1, 14] allow a group of users to derive a common secret key, from which a session key can be inferred. Therefore, they are used in any group oriented communication applications, such as video conference, priced VCD distribution and collab- orative computations. All these applications require se- cure broadcasting at the network layer among the parties in the group communication. In conventional group key agreement, all the users in the group establish a common shared secret key, which is used in message encryption and decryption. In the recently developed asymmetric key agreement protocol by Wu et al. [23], all the group participants negotiate a common encryption key which is accessible to all including non group members, un- like the regular GKA. Each group participant holds his own contribution, which is used in his secret decryption key derivation. Therefore, beside the group participants, Asymmetric Group Key Agreement Protocols (AGKAP) allows outsiders of the group to broadcast the cipher mes- sages to the group participants, provided that the sender knows the negotiated public key. 1.1 Motivation and Contributions Group key management protocols [19, 22] are classified into group key distribution protocols and group key agree- ment protocols. The group key distribution protocols [2] are used to distribute group key to the group participants. In group key agreement, group participants are actively involved in the derivation of group key. Compared with conventional group key agreement protocol, AGKAP is having the advantage of one round efficiency. Many of the popular conventional GKA protocols require two or more rounds for sharing the common secret key. In these protocols, all the participants should be connected con- currently in order to share the key. However, if the partic- ipants are located in different locations with different time zones, it is very difficult for them to be connected concur- rently. But, single round ASGKA protocols [17, 23] have several advantages over the GKA protocols with two or more rounds. The single round ASGKA allows each par- ticipant to publish their public key contribution by hold- ing their respective secret key. The participant need not be connected during the key sharing. To send a message to participants in the group, the sender encrypts the mes- sage commonly using the derived common group public key and generates the cipher text. The protocols devel- oped are efficient but secure against passive attacks only. However, in real world attackers are active attackers, who can control the communication channel to place powerful attacks. Man-in-middle attack and also, with which the active attackers can delay, modify, replay and insert the messages during the execution of the protocol. Hence, it is imperative for an ASGKA protocol to resist against the attacks from active adversaries. Any Authenticated key agreement protocol [9, 10, 15, 20, 27], which ensures that no entities other than intended participant can possibly compute the agreed group ses- sion key, even the attacker is active or passive. In au-