Group key management schemes under strong active adversary model: A security analysis

Abstract

A group key management scheme is for a group controller to manage an encryption key for a collection of users to communicate messages among themselves securely. The presence of group key with each node is de-facto that holds the group together. A dynamic group key management scheme is considered secure if it can preserve both backward and forward secrecy. With this as objective, a wide variety of group key management schemes were proposed. However, we highlight that these schemes provide security only under passive attack model and are completely defenceless against an active outsider adversary. Hence, to press over our point, in this paper, we have selected four categories of group key management schemes and analyze one base scheme from each of these categories under active outsider attack model. We point to the fact that all of them are insecure under active outsider attack model and comprehensively reason for their insecurity. The only way these schemes can be secured is by re-instantiating the group again.