In this paper, we address the problem of mutual authentication in user groups in decentralized messaging systems without trusted third party. We propose a mutual authentication algorithm for groups using zero-knowledge proof. Using the algorithm, which is based on trust chains existing in decentralized network, users are able to authenticate each other without establishing a shared secret over side channel. The proposed algorithm is based on Democratic Group Signature protocol (DGS) and Communication-Computation Efficient Group Key algorithm for large and dynamic groups (CCEGK). We have performed security analysis of the proposed mutual authentication scheme against several attacks including Sybil attack and have made complexity estimation for the algorithm. The algorithm is implemented in an experimental P2P group messaging application, and using this implementation we estimate overhead of the authentication scheme and convergence time for several initial configurations of user groups and trust chains.
Download file
Counter downloads: 184
- Title Group authentication scheme based on zeroknowledge proof
- Headline Group authentication scheme based on zeroknowledge proof
- Publesher
Tomsk State University - Issue Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics 51
- Date:
- DOI 10.17223/20710410/51/3
Keywords
authentication, zero-knowledge proof, decentralized communicationsAuthors
References
Коростелева М. В., Гамаюнов Д. Ю. Обеспечение криптографически защищенных групповых коммуникаций с функцией отказуемости // Проблемы информационной безопасности. Компьютерные системы. 2014. №3. С. 74-79.
Goldberg I. et al. Multi-party off-the-record messaging // Proc. 16th Conf. Computer Commun. Security. ACM, 2009. P.358-368.
Шейдаев В. Ф., Гамаюнов Д. Ю. Отказуемые групповые коммуникации в модели глобального неограниченного злоумышленника // Прикладная дискретная математика. 2018. №40. С. 72-86.
https://bitbucket.org/Enr1g/p2p_mpotr.js - Moscow State University Seclab mpOTR.
Нгуен К. К. Доказательство с нулевым разглашением для взаимной аутентификации пользователей группового чата. Выпускная квалификационная работа. М.: МГУ, ВМК, 2018.
Boudot F., Schoenmakers B., and Traore J. A fair and efficient solution to the socialist millionaires’ problem // Discr. Appl. Math. 2001. V. 111. No. 1. P.23-36.
Manulis M. Democratic group signatures: on an example of joint ventures // Proc. 2006 ACM Symp. Inform. Comput. Commun. Security. 2006. P.365.
https://webrtc.org/ - Real-time communication for the web.
Stoica I. et al. Chord: A scalable peer-to-peer lookup service for internet applications // ACM SIGCOMM Comput. Commun. Rev. 2001. V. 31. No. 4. P. 149-160.
Alves-Foss J. An efficient secure authenticated group key exchange algorithm for large and dynamic groups // Proc. 23rd National Inform. Systems Security Conf. 2000. P. 254-266.
Kim Y., Perrig A., and Tsudik G. Communication-efficient group key agreement // IFIP Intern. Inform. Security Conf. Boston, MA: Springer, 2001. P.229-244.
Kim Y., Perrig A., and Tsudik G. Group key agreement efficient in communication // IEEE Trans. Computers. 2004. V. 53. No. 7. P.905-921.
Zheng S., Manz D., and Alves-Foss J. A communication-computation efficient group key algorithm for large and dynamic groups // Computer Networks. 2007. V. 51. No. 1. P. 69-93.
Camenisch J. and Stadler M. Efficient group signature schemes for large groups // Ann. Intern. Cryptology Conf. Berlin; Heidelberg: Springer, 1997. P. 410-424.
Fiat A. and Shamir A. How to prove yourself: Practical solutions to identification and signature problems // Conf. Theory Appl. Cryptogr. Techniques. Berlin; Heidelberg: Springer, 1986. P. 186-194.
Boneh D., Boyen X., and Shacham H. Short group signatures // Ann. Intern. Cryptology Conf. Berlin; Heidelberg: Springer, 2004. P. 41-55.
https://github.com/naruneph/Chord_chat - Реализация метода цепочек групп в децентрализованном чате.
Leskovec J. and Horvitz E. Planetary-scale views on an instant-messaging network // Proc. 17th Intern. Conf. World Wide Web. 2008. P.915-924.
Ugander J. et al. The anatomy of the facebook social graph. arXiv preprint arXiv:1111.4503. 2011.
https://research.fb.com/blog/2016/02/three-and-a-half-degrees-of-separation/- Three and a half degrees of separation - Facebook Research. 2016.
Group authentication scheme based on zeroknowledge proof | Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics. 2021. № 51. DOI: 10.17223/20710410/51/3
Download full-text version
Counter downloads: 293