
Keyword Search Result

[Keyword] group-oriented(5hit)

1-5hit
  • Modeling Leakage of Ephemeral Secrets in Tripartite/Group Key Exchange

    Mark MANULIS  Koutarou SUZUKI  Berkant USTAOGLU  

     
    PAPER-Public Key Based Protocols

    Vol: E96-A No:1  Page(s): 101-110

    We propose a security model, referred to as the g-eCK model, for group key exchange that captures essentially all non-trivial leakage of static and ephemeral secret keys of participants, i.e., a group key exchange version of the extended Canetti-Krawczyk (eCK) model. Moreover, we propose the first one-round tripartite key exchange (3KE) protocol secure in the g-eCK model under the gap Bilinear Diffie-Hellman (gap BDH) assumption and in the random oracle model.

  • The Security of the Improvement on the Generalization of Threshold Signature and Authenticated Encryption

    Narn-Yih LEE  

     
    LETTER-Information Security

    Vol: E85-A No:10  Page(s): 2364-2367

    Wang et al., in 2000, proposed a generalized group-oriented threshold signature scheme and a generalized authenticated encryption scheme with shared verification. Tseng et al., in 2001, showed that both schemes are insecure, because any attacker is able to reveal the group secret keys from two previously valid threshold signatures. They further presented two improvements on Wang et al.'s schemes to withstand the attacks. Unfortunately, this paper will show that the improved schemes are still breakable.

  • On the Security of Generalization of Threshold Signature and Authenticated Encryption

    Yuh-Min TSENG  Jinn-Ke JAN  Hung-Yu CHIEN  

     
    LETTER-Information Security

    Vol: E84-A No:10  Page(s): 2606-2609

    In 2000, Wang et al. proposed a new (t,n) threshold signature scheme with (k,l) threshold shared verification. Meanwhile, integrating the idea of message recovery, they also proposed a (t,n) threshold authenticated encryption scheme with (k,l) threshold shared verification. However, this article will show that both proposed schemes are insecure, because any malicious attacker can obtain the group secret keys from two valid threshold signatures. Thus, the attacker may solely forge or verify a threshold signature. An improvement to overcome the attacks is proposed.

  • Group Cipher System for Intranet Security

    Hiromichi ITO  Seiichi SUSAKI  Masato ARAI  Minoru KOIZUMI  Kazuo TAKARAGI  

     
    PAPER

    Vol: E81-A No:1  Page(s): 28-34

    A group-oriented cipher communication method is developed and implemented on a WWW-based (World Wide Web) network system. In this method, a group key common to all entities of the group is generated based on the group name or the identities of entities belonging to the group. The group key, in turn, is used for encrypting the data being shared among the group via the WWW server. Data theft at the WWW cache sites on the intermediate communication line is prevented, combining good WWW cache performance with security. A prototype of our method proved its feasibility and efficiency.

  • A Hierarchical and Dynamic Group-Oriented Cryptographic Scheme

    Shiuh-Jeng WANG  Jin-Fu CHANG  

     
    PAPER

    Vol: E79-A No:1  Page(s): 76-85

    Access control has been an important security issue in information systems. Multilevel hierarchical information access widely exists in present-day government, military, and business applications. Extending access control design to work in a hierarchical environment is natural and necessary but rarely addressed so far in the literature. In this paper, a dynamic group-oriented cryptographic scheme to access a multilevel data hierarchy is proposed. In the proposed scheme, a trusted central authority is in charge of the administrative activities among the organization hierarchy. At the beginning, each user class submits its associated information and a cryptographic key of its preference to the central authority. Next, the central authority generates public information for each class according to its location in the organization hierarchy. The cryptographic key held by each class can be used directly as an encryption key to encipher data. These keys need not be modified when adding/deleting a class to/from the system. Compared with other existing schemes, ours has the advantages of flexibility in choosing user-preferred cryptographic keys, cryptographic keys not exceeding a fixed length, reduced storage space in publishing public information, and protection from conspiracy attack.