50120130406002

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING &
ISSN 0976 - 6375(Online), Volume 4, Issue 6, November - December (2013), © IAEME

TECHNOLOGY (IJCET)

ISSN 0976 – 6367(Print)
ISSN 0976 – 6375(Online)
Volume 4, Issue 6, November - December (2013), pp. 09-15
© IAEME: www.iaeme.com/ijcet.asp
Journal Impact Factor (2013): 6.1302 (Calculated by GISI)
www.jifactor.com

IJCET
©IAEME

MULTIPARTY KEY AGREEMENT PROTOCOL USING TRIPLE
DECOMPOSITION PROBLEM IN DISCRETE HEISENBERG GROUP

T.ISAIYARASI
Research Scholar, Bharathiar University &Assistant Professor
Department of Mathematics, Valliammai Engineering College
Tamil Nadu -603203, India
Dr.K.SANKARASUBRAMANIAN
Research Supervisor, Bharathiar University & Professor,
Department of Mathematics,Sri Sairam Engineering College.
Tamilnadu-600048, India

ABSTRACT
A Key Agreement Protocol (KAP) or mechanism is a key establishment technique in which a
shared key is derived by two (or more) parties as a function of information contributed by, or
associated with each of these such that no party can predetermine resulting value. This paper presents
a New Multiparty Key Agreement Protocol using the Triple Decomposition Search Problem .To
implement this; the Discrete Heisenberg group is chosen as the platform group. The protocol
depends on the hardness of Triple Decomposition Search problem in the Discrete Heisenberg group.

Keyword: Discrete Heisenberg group, Key Agreement Protocol, Triple Decomposition Search
problem.

1.

INTRODUCTION

A protocol is a multiparty algorithm, defined by a sequence of steps precisely specifying the
actions required of two or more parties in order to achieve a specified objective.
Key establishment is a process or protocol whereby a shared secret becomes available to two or more
parties, for subsequent cryptographic use. Key establishment may be broadly subdivided into key
transport and key agreement.

9


A key transport protocol or mechanism is a key establishment technique where one party
creates or otherwise obtains a secret value, and securely transfers it to the other(s).
A key agreement protocol or mechanism is a key establishment technique in which a shared
secret is derived by two (or more) parties as a function of information contributed by ,or associated
with ,each of these (ideally) such that no party can predetermine the resuming value. This paper
proposes a New Multiparty Key Agreement Protocol using Triple Decomposition Search problem. In
order to implement the Triple Decomposition Search Problem, the Discrete Heisenberg group is
chosen as the platform group. K parties agree on a common key in K- 1 rounds.
The paper is organised in the following manner. In section 2 introduces the discrete Heisenberg
group. Section 3 deals with the Triple Decomposition Problem. The Multiparty Key Agreement
Protocol using Triple Decomposition Problem is implemented in Section 4 . Section 5 discusses the
security of the protocol some of the encryption schemes are presented in Section 6 and Section 7
concludes the paper.

2.

INTRODUCTION TO DISCRETE HEISENBERG GROUP

The Discrete Heisenberg group ℋ may be described as the set
endowed with the following multiplication, where p is a prime
ሺ‫ݖ ,ݕ ,ݔ‬ሻ ൉ ሺ‫ݓ ,ݒ ,ݑ‬ሻ ൌ ሺ‫ ݔ‬൅ ‫ ݑ‬൅ ‫ ݕ ,ݓݕ‬൅ ‫ ݖ ,ݒ‬൅ ‫ݓ‬ሻ ݉‫݌ ݀݋‬

3
Z p

of all integer triples

2.1. Some Computational Facts about ℋ.

The following computational facts about ℋ can be easily derived from the definition of
Multiplication above.

2.1.1. Proposition.
Let ‫ ݊ ,ݓ ,ݒ ,ݑ ,ݖ ,ݕ ,ݔ‬be any integers. Then the multiplication in ℋ satisfies the following
equations:
(a) ሺ‫ݖ ,ݕ ,ݔ‬ሻିଵ ൌ ሺെ‫ ݔ‬൅ ‫ ,ݖݕ‬െ‫ ,ݕ‬െ‫ݖ‬ሻ ݉‫݌ ݀݋‬
ሺb) ሺ‫ݖ ,ݕ ,ݔ‬ሻ ൉ ሺ‫ݓ ,ݒ ,ݑ‬ሻ ൉ ሺ‫ݖ ,ݕ ,ݔ‬ሻିଵ ൌ ሺ‫ ݑ‬൅ ‫ ݓݕ‬െ ‫ݓ ,ݒ ,ݒݖ‬ሻ ݉‫݌݀݋‬
(c) ሾሺ‫ݖ ,ݕ ,ݔ‬ሻ, ሺ‫ݓ ,ݒ ,ݑ‬ሻሿ ൌ ሺ‫ ݓݕ‬െ ‫0 ,0 ,ݒݖ‬ሻ ݉‫݌ ݀݋‬
(d) In particular, ሾሺ0, 1, 0ሻ, ሺ0, 0, 1ሻሿ ൌ ሺ1, 0, 0ሻ.
(e) (i)ሺ‫0 ,0 ,ݔ‬ሻ ൉ ሺ0, ‫ݖ ,ݕ‬ሻ ൌ ሺ‫ ݖ ,ݕ ,ݔ‬ሻ݉‫݌ ݀݋‬
(ii)ሺ0, ‫0 ,ݕ‬ሻ ൉ ሺ0, 0, ‫ݖ‬ሻ ൌ ሺ‫ݖ ,ݕ ,ݖݕ‬ሻ ݉‫݌ ݀݋‬
(iii)ሺ0, 0, ‫ݖ‬ሻ ൉ ሺ0, ‫0 ,ݕ‬ሻ ൌ ሺ0, ‫ݖ ,ݕ‬ሻ ݉‫݌ ݀݋‬
(f) (i)(1, 0, 0)n = (n, 0, 0) mod p
(ii)ሺ0, 1, 0ሻ௡ ൌ ሺ0, ݊, 0ሻ ݉‫݌ ݀݋‬
(iii)ሺ0, 0, 1ሻ௡ ൌ ሺ0, 0, ݊ሻ ݉‫݌݀݋‬

2.1.2. Centre Z [ℋ]:
ℋ

ଷ
Centre of ℋ coincides with ܼ ൈ 0 ൈ 0 where ℋ ൌ ܼ௣ , [H, H] = Z [H].

2.1.3. Generators of ℋ:

Formulae (d)-(f) show that (0, 1, 0) and (0, 0, 1) generate ℋ. Specifically, ሺ‫ݖ ,ݕ ,ݔ‬ሻ ൌ
ሾሺ0, 1, 0ሻ, ሺ0, 0, 1ሻሿ௫ ൉ ሺ0, 0, 1ሻ ௭ ൉ ሺ0, 1, 0ሻ௬ , ݂‫ ݈݈ܽ ݎ݋‬ሺ‫ݖ ,ݕ ,ݔ‬ሻ ݅݊ ℋ. for the next result, we use the
௡ሺ௡ିଵሻ
non-standard notation ݊ሺଶሻ to stand for ଶ , for any integer‘݊’.

10


2.2. Proposition.
For any ሺ‫ݖ ,ݕ ,ݔ‬ሻ ߳ ℋ and any݊ ߳ ܼ, we have ሺ‫ݖ ,ݕ ,ݔ‬ሻ௡ ൌ ൫݊‫ ݔ‬൅ ݊ሺଶሻ ‫ݖ݊ ,ݕ݊ ,ݖݕ‬൯݉‫.݌ ݀݋‬

2.3. Proposition.
ℋ may be presented as ൏ ߙ, ߚ: ሾߙ, ሾߙ, ߚሿሿ ൌ 1 ൌ ሾߚ, ሾߙ, ߚሿሿ ൐,with ߙ (resp., ߚ) corresponding to
the generator ሺ0, 1, 0ሻ (resp.,ሺ0, 0, 1ሻ). The following results have been already established:

2.3.1. Result 1:
Let L be any group, and let ߪ and ߬ be any elements of L satisfying the two relations given
above.
Then,
there
is
a
unique
homomorphism
݄‫ ׷‬ℋ ՜ ‫ܮ‬
such
that
݄ሺ0, 1, 0ሻ ൌ ߪ ܽ݊݀ ݄ሺ0, 0, 1ሻ ൌ ߬

2.3.2. Result 2:
Let σ and τ be any elements of ℋ. There exists a unique endomorphism h of ℋ such that
݄ሺ0, 1, 0ሻ ൌ ߪ ܽ݊݀ ݄ሺ0, 0, 1ሻ ൌ ߬ .

3.

THE TRIPLE DECOMPOSITION PROBLEM

In order to describe the system in a more general setting we assume the underlying structure
is a non-commutative group.

3.1. Definition: A non – commutative group G is an algebraic structure with a binary operation and
whose elements satisfy the following axioms.
(i)For ܽ, ܾ in ‫ ܾ .ܽ , ܩ‬is in ‫( ܩ‬Closure property)
(ii)For ܽ , ܾ , ܿ in ‫ .ܽ ܩ‬ሺܾ. ܿሻ ൌ ሺܽ. ܾሻ. ܿ (Associative property)
(iii)There exists an element ݁ in ‫ ܩ‬such that for all ܽ in, ܽ . ݁ ൌ ݁ . ܽ ൌ ܽ
(iv) For all ܽ in ‫ ܩ‬there exists an element ܽିଵ in G such that ܽ . ܽିଵ ൌ ܽିଵ . ܽ ൌ ݁
(v) In general ܽ. ܾ ് ܾ . ܽ (non –commutativity)

3.2. Definition:
For an element g є G let ‫ܥ‬ሺ݃ሻ ൌ ሼ ݄ є ‫ ݄݃ / ܩ‬ൌ ݄݃ ሽ. ‫ܥ‬ሺ݃ሻ is called the centralizer of g
in G. For a subset ‫ ܪ‬ൌ ሼ ݃ଵ , ݃ଶ , ݃ଷ … … ݃ ௞ ሽof G, define ‫ ܥ‬ሺ ‫ ܪ‬ሻ ൌ ‫ ܥ‬ሺ݃ଵ , ݃ଶ … ݃௞ ሻ to be the set
of elements in G that commute with all ݃௜ for ݅ ൌ 1 ,2 , … . ݇ (Hence ‫ ܥ‬ሺ‫ܪ‬ሻ ൌ ‫ ܥ‬ሺ݃ଵ ሻ ‫ת‬
‫ ܥ‬ሺ݃ଶ ሻ ‫ ܥ ת … ת‬ሺ݃௞ ሻ ሻ

3.3. The Protocol:
The protocol goes as follows:
Alice picks two elements‫ݔ‬ଵ , ‫ݔ‬ଶ ∈ ‫ , ܩ‬chooses sets ܵ௫ଵ ܽ݊݀ ܵ௫ଶ which are subsets of
centralizers of ‫ݔ‬ଵ ܽ݊݀ ‫ݔ‬ଶ respectively. Alice publishes ܵ௫ଵ ܽ݊݀ ܵ௫ଶ Bob picks two elements
‫ݕ‬ଵ , ‫ݕ‬ଶ ∈ ‫ , ܩ‬chooses sets ܵ௬ଵ ܽ݊݀ ܵ௬ଶ which are subsets of centralizers of ‫ݕ‬ଵ ܽ݊݀ ‫ݕ‬ଶ respectively.
Bob publishes ܵ௬ଵ ܽ݊݀ ܵ௬ଶ Alice chooses random elements ܽଵ ∈ ‫ܽ ,ܩ‬ଶ ∈ ܵ௬ଵ , ܽ ଷ ∈ ܵ௬ଶ .
ሺ ܽଵ , ܽଶ , ܽ ଷ ሻ is her private key.
She sends Bob her public key ሺ ‫ݓ , ݒ , ݑ‬ሻ where ‫ ݑ‬ൌ ܽଵ ‫ݔ‬ଵ , ‫ ݒ‬ൌ ‫ݔ‬ଵ ିଵ ܽ ଶ ‫ݔ‬ଶ , ‫ ݓ‬ൌ ‫ݔ‬ଶ ିଵ ܽଷ
Bob chooses random elements ܾଵ ∈ ܵ௫ଵ , ܾଶ ∈ ܵ௫ଶ ܽ݊݀ ܾଷ ∈ ‫ ܩ‬and sets ሺܾଵ , ܾଶ , ܾଷ ሻ as his private key
ିଵ
He sends Alice his public key ሺ‫ ݎ , ݍ , ݌‬ሻ where ‫ ݌‬ൌ ܾଵ ‫ݕ‬ଵ , ‫ ݍ‬ൌ ‫ݕ‬ଵ ܾଶ ‫ݕ‬ଶ , ‫ ݎ‬ൌ ‫ݕ‬ଶ ିଵ ܾଷ
Alice computes ܽଵ ‫ܽ ݌‬ଶ ‫ܽ ݍ‬ଷ ‫ ݎ‬ൌ ܽଵ ܾଵ ܽଶ ܾଶ ܽଷ ܾଷ ൌ ‫ܭ‬஺
11


Bob computes ‫ 3ܾ ݓ 2ܾ ݒ 1ܾ ݑ‬ൌ ܽ1 ܾ1 ܽ2 ܾ2 ܽ 3 ܾ3 ൌ ‫ܭ‬஻
‫ܭ‬஺ ൌ ‫ܭ‬஻ ൌ ‫ ܭ‬is their shared secret key
The security of the system depends on solving the equations
‫ ݑ‬ൌ ܽଵ ‫ݔ‬ଵ
… … … ሺ1ሻ
ିଵ
‫ ݒ‬ൌ ‫ݔ‬ଵ ܽଶ ‫ݔ‬ଶ
… … … ሺ2ሻ
ିଵ
‫ ݓ‬ൌ ‫ݔ‬ଶ ܽଷ
… … … ሺ3ሻ to get the private key of Alice.
Solving equation (2), i.e., decomposing ‫ ݒ‬as three elements ‫ି ݔ‬ଵ , ܽଶ ܽ݊݀ ‫ݔ‬ଶ is known as the
triple decomposition problem. In order to apply the triple decomposition, the platform group must
satisfy the following properties:
P1) The group should be a non commutative group of exponential growth.
P2) It should be computationally easy to perform group operations (multiplication and inversion)
P3) It should be computationally easy to generate pairs
ሺ ܽ , ሼ ܽଵ , … ܽ௞ ሽሻ‫ܽ ܽ ݐ݄ܽݐ ݄ܿݑݏ‬௜ ൌ ܽ௜ ܽ ݂‫ ݅ ݎ݋‬ൌ 1 … ݇
P4) For a generic set ሼ ݃ଵ … . . ݃௞ ሽ of elements of the group it should be difficult to compute
‫ ܥ‬ሺ݃ଵ … . . ݃௞ ሻ ൌ ‫ ܥ‬ሺ݃ଵ ሻ ‫ܥ ת‬ሺ݃ଶ ሻ ‫ܥ ת … … ת‬ሺ݃௞ ሻ
ଵ
ଵ
P5) Even if ‫ܪ‬ଵ ൌ ‫ ܥ‬ሺ݃ଵ … . . ݃௞ ሻ and ‫ 2ܪ‬ൌ ‫ ܥ‬ሺ ݃ଵ . . . . ݃௞ ሻ are computed it should be hard to find
‫ ݔ‬Є ‫ܪ‬ଵ and ‫ ݕ‬Є ‫ܪ‬ଶ and ܽ Є ‫ ܪ‬where H is some fixed subgroup given by its generating set such that
‫ ݕ ܽ ݔ‬ൌ ‫ ݒ‬for any ‫ ݒ‬Є ℋ .

4.

Implementation of Triple Decomposition Problem in Discrete Heisenberg Group:

K parties ‫ܣ‬ଵ , ‫ܣ‬ଶ … ‫ܣ‬௞ agree on the following:
ܑሻA finite non abelian group (Discrete Heisenberg group ℋ =Zp3) where p is a prime number
sufficiently large
ܑܑሻ Cyclic subgroups‫ܩ‬ଵ , ‫ܩ‬ଶ ‫ܩ‬ଷ , of ℋ such that‫ܩ‬ଵ ൌ ൏ ݁ , ݃ଵ , ݃ଶ ൐ , ‫ܩ‬ଶ ൌ ൏ ݁, ݄ଵ , ݄ଶ ൐ and‫ܩ‬ଷ ൌ ൏
݁, ݇ଵ , ݇ଶ ൐.
iii)݃௜ ݄௝ ് ݄௝ ݃௜ , ݅ ൌ 1 ,2 ܽ݊݀ ݆ ൌ 1 ,2 . , ݃௜ ݇௝ ് ݇௝ ݃௜ , ݅ ൌ 1 ,2 ܽ݊݀ ݆ ൌ 1 ,2 , ݄௜ ݇௝ ് ݇௝ ݄௜ , ݅ ൌ
1 ,2 ܽ݊݀ ݆ ൌ 1 ,2

The following actions are carried out to arrive at a common shared key:
I Round:
‫ܣ‬ଵ chooses ܽଵ ‫ܩ א‬ଵ , ܾଵ , ‫ݔ‬ଵ ‫ܩ א‬ଶ ܽ݊݀ ܿଵ , ‫ݕ‬ଵ ‫ܩ א‬ଷ and computes
ିଵ
ିଵ
‫ݑ‬ଵଵ ൌ ܽଵ ‫ݔ‬ଵ , ‫ݒ‬ଵଵ ൌ ‫ݔ‬ଵ ܾଵ ‫ݕ‬ଵ , ‫ݓ‬ଵଵ ൌ ‫ݕ‬ଵ ܿଵ
‫ܣ‬ଶ chooses ܽଶ ‫ܩ א‬ଵ , ܾଶ , ‫ݔ‬ଶ ‫ܩ א‬ଶ ܽ݊݀ ܿଶ, ‫ݕ‬ଵ ‫ܩ א‬ଷ and computes
ିଵ
ିଵ
‫ݑ‬ଶଵ ൌ ܽଶ ‫ݔ‬ଶ , ‫ݒ‬ଶଵ ൌ ‫ݔ‬ଶ ܾଶ ‫ݕ‬ଶ , ‫ݓ‬ଶଵ ൌ ‫ݕ‬ଶ ܿଶ
‫ܣ‬ଷ chooses ܽଷ ‫ܩ א‬ଵ , ܾଷ, ‫ݔ‬ଷ ‫ܩ א‬ଶ , ܿଷ , ‫ݕ‬ଷ ‫ܩ א‬ଷ and computes
ିଵ
ିଵ
‫ݑ‬ଷଵ ൌ ܽଷ ‫ݔ‬ଷ , ‫ݒ‬ଷଵ ൌ ‫ݔ‬ଷ ܾଷ ‫ݕ‬ଷ , ‫ݓ‬ଷଵ ൌ ‫ݕ‬ଷ ܿଷ
…
‫ܣ‬௞ିଵ chooses ܽ௞ିଵ ‫ܩ א‬ଵ , ܾ௞ିଵ , ‫ݔ‬௞ିଵ ‫ܩ א‬ଶ , ܿ௞ିଵ , ‫ݕ‬௞ିଵ ‫ܩ א‬ଷ and computes
ିଵ
ିଵ
‫ݑ‬ሺ௞ିଵሻଵ ൌ ܽ௞ିଵ ‫ݔ‬௞ିଵ , ‫ݒ‬ሺ௞ିଵሻଵ ൌ ‫ݔ‬௞ିଵ ܾ௞ିଵ ‫ݕ‬௞ିଵ , ‫ݓ‬ሺ௞ିଵሻଵ ൌ ‫ݕ‬௞ିଵ ܿ௞ିଵ
ିଵ
‫ܣ‬௞ chooses ܽ௞ ‫ܩ א‬ଵ , ܾ௞ , ‫ݔ‬௞ ‫ܩ א‬ଶ , ܿ௞ , ‫ݕ‬௞ ‫ܩ א‬ଷ and computes ‫ݑ‬௞ଵ ൌ ܽ௞ ‫ݔ‬௞ , ‫ݒ‬௞ଵ ൌ ‫ݔ‬௞ ܾ௞ ‫ݕ‬௞ , ‫ݓ‬௞ଵ ൌ
ିଵ
‫ݕ‬௞ ܿ௞
‫ܣ‬ଵ sends (‫ݑ‬ଵଵ , ‫ݒ‬ଵଵ , ‫ݓ‬ଵଵ ሻ to ‫ܣ‬ଶ
12


‫ܣ‬ଶ sends (‫ݑ‬ଶଵ , ‫ݒ‬ଶଵ , ‫ݓ‬ଶଵ ) to ‫ܣ‬ଷ
‫ܣ‬ଷ sends (‫ݑ‬ଷଵ , ‫ݒ‬ଷଵ , ‫ݓ‬ଷଵ ) to A4
…
‫ܣ‬௞ିଵ sends (‫ݑ‬ሺ௞ିଵሻଵ , ‫ݒ‬ሺ௞ିଵሻଵ , ‫ݓ‬ሺ௞ିଵሻଵ ) to ‫ܣ‬௞
‫ܣ‬௞ sends (‫ݑ‬௞ଵ , ‫ݒ‬௞ଵ , ‫ݓ‬௞ଵ ) to ‫ܣ‬ଵ

II Round:
‫ܣ‬ଵ computes ‫ݑ‬ଵଶ ൌ ܽଵ ‫ݑ‬௞ଵ , ‫ݒ‬ଵଶ ൌ ܾଵ ‫ݒ‬௞ଵ , ‫ݓ‬ଵଶ ൌ ܿଵ ‫ݓ‬௞ଵ and sends (‫ݑ‬ଵଶ , ‫ݒ‬ଵଶ , ‫ݓ‬ଵଶ ) to ‫ܣ‬ଶ
‫ܣ‬ଶ computes ‫ݑ‬ଶଶ ൌ ܽଶ ‫ݑ‬ଵଵ , ‫ݒ‬ଶଶ ൌ ܾଶ ‫ݒ‬ଵଵ , ‫ݓ‬ଶଶ ൌ ܿଶ ‫ݓ‬ଵଵ and ሺ‫ݑ‬ଶଶ , ‫ݒ‬ଶଶ , ‫ݓ‬ଶଶ ) to ‫ܣ‬ଷ
‫ܣ‬ଷ computes ‫ݑ‬ଷଶ ൌ ܽଷ ‫ݑ‬ଶଵ , ‫ݒ‬ଷଶ ൌ ܾଷ ‫ݒ‬ଶଵ , ‫ݓ‬ଷଶ ൌ ܿଷ ‫ݓ‬ଶଵ and sends ሺ‫ݑ‬ଷଶ , ‫ݒ‬ଷଶ , ‫ݓ‬ଷଶ ) to ‫ܣ‬ସ
…

‫ܣ‬௞ computes ‫ݑ‬௞ଶ ൌ ܽ௞ ‫ݑ‬ሺ௞ିଵሻଵ , ‫ݒ‬௞ଶ ൌ ܾ௞ ‫ݒ‬ሺ௞ିଵሻଵ , ‫ݓ‬௞ଶ ൌ ܿ௞ ‫ݓ‬ሺ௞ିଵሻଶ and sends (‫ݑ‬௞ଶ , ‫ݒ‬௞ଶ , ‫ݓ‬௞ଶ ) to ‫ݒ‬ଷଶ

(K-1)st Round:
‫ܣ‬ଵ computes ‫ܭ‬஺ଵ ൌ ܽଵ ‫ݑ‬௞ሺ௞ିଵሻ ܾଵ ‫ݒ‬௞ሺ௞ିଵሻ ܿଵ ‫ݓ‬௞ሺ௞ିଵሻ
‫ܣ‬ଶ computes ‫ܭ‬஺ଶ ൌ ܽଶ ‫ݑ‬ଵሺ௞ିଵሻ ܾଶ ‫ݒ‬ଵሺ௞ିଵሻ ܿଶ ‫ݓ‬ଵሺ௞ିଵሻ
‫ܣ‬ଷ computes ‫ܭ‬஺ଷ ൌ ܽଷ ‫ݑ‬ଶሺ௞ିଵሻ ܾଷ ‫ݒ‬ଶሺ௞ିଵሻ ܿଷ ‫ݓ‬ଶሺ௞ିଵሻ
…
‫ܣ‬௞ିଵ computes ‫ܭ‬஺ሺ௞ିଵሻ ൌ ܽ௞ିଵ ‫ݑ‬ሺ௞ିଶሻሺ௞ିଵሻ ܾ௞ିଵ ‫ݒ‬ሺ௞ିଶሻሺ௞ିଵሻ ܿ௞ିଵ ‫ݓ‬ሺ௞ିଶሻሺ௞ିଵሻ
‫ܣ‬௞ computes ‫ܭ‬஺௞ ൌ ܽ௞ ‫ݑ‬ሺ௞ିଵሻሺ௞ିଵሻ ܾ௞ ‫ݒ‬ሺ௞ିଵሻሺ௞ିଵሻ ܿ௞ ‫ݓ‬ሺ௞ିଵሻሺ௞ିଶሻ
‫ܭ‬஺ଵ ൌ ‫ܭ‬஺ଶ ൌ ‫ ڮ‬ൌ ‫ܭ‬஺௞ is their common shared key

5.

SECURITY ANALYSIS OF THE PROTOCOL

An adversary looking for‫ܣ‬ଵ’s public key in first round needs to solve the following;
‫ݑ‬ଵଵ ൌ ܽଵ ‫ݔ‬ଵ
Let ‫ݑ‬ଵଵ ൌ ሺ‫ݑ‬ଵ , ‫ݑ‬ଶ , ‫ݑ‬ଷ ሻ
ܽଵ ൌ ሺܽ, ܾ, ܿ ሻ , ‫ݔ‬ଵ ൌ ሺ‫ݖ ,ݕ ,ݔ‬ሻ
‫ݑ‬ଵଵ ൌ ሺܽଵ , ܾଵ , ܿଵ ሻ. ሺ‫ݔ‬ଵ , ‫ݕ‬ଵ , ‫ݖ‬ଵ ሻ ൌ ሺܽ ൅ ‫ ݔ‬൅ ܾ‫ ܾ , ݖ‬൅ ‫ ܿ , ݕ‬൅ ‫ ݖ‬ሻ
‫ݑ‬ଵ ൌ ܽ ൅ ‫ ݔ‬൅ ܾ‫ݑ , ݖ‬ଶ ൌ ܾ ൅ ‫ݑ ,ݕ‬ଷ ൌ ܿ ൅ ‫ . . … … … ݖ‬ሺ1ሻ
If he wants to solve a1 or x1, he has to solve the system of equations in (1)
Similarly he has to solve another set of equations of the same type as in (1) to recover ܽଷ or ‫ݔ‬ଷ
from ‫ݓ‬ଵଵ .
ିଵ
‫ݒ‬ଵଵ ൌ ‫ݔ‬ଵ ܽଶ ‫ݔ‬ଶ
Let ‫ݒ‬ଵଵ ൌ ሺ‫ݒ‬ଵ , ‫ݒ‬ଶ , ‫ݒ‬ଷ ሻ, ‫ݔ‬ଶ ൌ ሺ‫ݔ‬ଵ , ‫ݕ‬ଵ , ‫ݖ‬ଵ ሻ , ܽଶ ൌ ሺܽଵ , ܾଵ , ܿ ଵ ሻ,
ሺ‫ݒ‬ଵ , ‫ݒ‬ଶ , ‫ݒ‬ଷ ሻ = ሺ‫ ݖ ,ݕ ,ݔ‬ሻିଵ . ሺܽଵ , ܾଵ , ܿ ଵ ሻ. ሺ‫ ݔ‬ଵ , ‫ ݕ‬ଵ , ‫ݖ‬ଵ ሻ
= ሺ‫ ݕ‬൅ ‫ ݖݔ‬൅ ܽଵ ൅ ‫ ݔ‬ଵ ൅ ܾଵ ‫ݖ‬ଵ െ ‫ ܿݕ‬ଵ െ ‫ݖݕ‬ଵ െ ‫ݕ‬ሺܿ ଵ ൅ ‫ݖ‬ଵ ሻ, െ‫ ݕ‬൅ ܾଵ ൅ ‫ݕ‬ଵ , െ‫ ݖ‬൅ ܿ ଵ ൅ ‫ݖ‬ଵ ሻ
He has to solve the following system of equations,
‫ݒ‬ଵ ൌ െ‫ ݕ‬൅ ‫ ݖݔ‬൅ ܽଵ ൅ ‫ ݔ‬ଵ ൅ ܾଵ ‫ݖ‬ଵ െ ‫ݖݕ‬ଵ െ ‫ ݕ‬ሺܿ ଵ ൅ ‫ݖ‬ଵ ሻ
‫ݒ‬ଶ ൌ െ‫ ݕ‬൅ ܾଵ ൅ ‫ݕ‬
‫ݒ‬ଷ ൌ െ‫ ݖ‬൅ ܿ ଵ ൅ ‫ݖ‬ଵ
Solving for ‫ ݒ‬is known as triple decomposition problem.
Similar procedure must be done if he wants to solve for the other entities private and public keys.
If the adversary looking for A1’s public key in the second round, he has to solve more complicated
equations.

13


6.

ENCRYPTION SCHEME

The K entities ‫ܣ‬ଵ , ‫ܣ‬ଶ , … ‫ܣ‬௞ may use their common key for encrypting and decrypting the messages.

6.1. Scheme 1:
Encryption:
If suppose ‫ܣ‬ଵ wants to send a message ‘m’ to any of the other entities, he computes
‫ ܧ‬ൌ ‫ି ܭ ݉ ܭ‬ଵ And sends E.

Decryption:
Since the other entities know the value of K they decrypt as follows,
‫ ܦ‬ൌ ‫ି ܭ‬ଵ ‫ ܭ ܧ‬ൌ ‫ି ܭ‬ଵ ‫ି ܭ ݉ܭ‬ଵ ‫ ܭ‬ൌ ݉

6.2. Encryption Scheme 2:
Apart from having the common key, they may agree on an endomorphism
they may use the twisted contumacy search problem for encryption and decryption.

: ℋ → ℋ and

Encryption:

‫ܣ‬ଵ Computes ‫ ܧ‬ൌ ‫߮ ݉ ܭ‬ሺ‫ି ܭ‬ଵ ሻ and sends it to others.

Decryption:

Others have the value of K, they decrypt ‫ ܦ‬ൌ ‫ି ܭ‬ଵ ‫߮ ܧ‬ሺ‫ܭ‬ሻ ൌ ‫ି ܭܭ‬ଵ ݉ ߮ሺ‫ି ܭ‬ଵ ሻ߮ሺ‫ܭ‬ሻ ൌ ݉

Encryption Scheme 3:
‫ܣ‬ଵ Encrypts the message m by finding ‫ ܧ‬ൌ ‫ ݉ܭ‬and sends to other entities.
Since they have the key K, they decrypt ‫ ܦ‬ൌ ‫ି ܭ‬ଵ ‫ ܧ‬ൌ ‫ି ܭ‬ଵ ‫ ݉ ܭ‬ൌ ݉

7.

CONCLUSION

This paper proposes a Multi party Key Agreement protocol using the triple decomposition
search problem which is implemented in Discrete Heisenberg group. K parties may arrive at a
common shared key in K-1 rounds. This protocol depends on the difficulty of solving triple
decomposition search problem in Discrete Heisenberg group. Solving the triple decomposition
search problem in the first round itself is a tedious process as discussed in Section 5. It is much more
difficult for an adversary to break the system in the second round and so for the remaining rounds,
since at each round the public keys of the communicating parties become more complicated to solve.
Hence the protocol presented in this paper provides a secure communication over any number of
parties. In continuation to this work, this protocol may be made secure against the man – in – middle
attack by providing authentication by means of digital signature.

REFERENCES
[1]

[2]

[3]

A.Joux, A One Round Protocol for tripartite Diffe-Hellman,In W.Bosma ,editor proceedings
of Algorithmic Number Theory ,Symposium ,ANTS IV ,volume 1838 of Lecture Notes in
Computer Science ,Pages 385 -394 Springer Verlag,2000
Alexei Myansnikov,Vladmir Shpilarain ,Alexander Ushakov, Group Based Cryptography,
2000 Mathematical Subject Classification: 11T71, 20Exx, 20Fxx, 20Hxx, 20P05,
60B15,68P25, 94A60,
Atul Chaturvedi, Varun Shukla,Tripartite Key Agreement Protocol using Conjugacy Problem
in Braid Groups. International Journal of Computer Applications (0975 – 8887) Volume 31–
No.1, October 2011
14


[4]
[5]

[6]
[7]
[8]
[9]
[10]

[11]

[12]
[13]
[14]
[15]

[16]

[17]

[18]

Chun-Li Lin, Hung-Min Sun, Michael Steiner and Tzonelih Hwang Three-party Encrypted
Key Exchange WithoutServer Public-Keys
Giuseppe Ateniese, Michael Steiner, and Gene Tsudik, Member, IEEEg-Min Sun,
Michael Steiner and Tzonelih Hwang -New Multiparty Authentication Services and Key
Agreement Protocol
Ho –Kyu, Hyang –Sook Lee, Young –Ran Lee - Multiparty Authenticated Key Agreement
Protocols From Multilinear Forms.
Ko et al Public Key Cryptosystem based on Braid Groups , Crypto 2000 LNCS 1880,
pp66183
Peter J.Khan, Automorpisms of the Discrete Heisenberg Group, arXiv:math / 0405109VI
[math SG]6, May 2004
Rene’ Peralta,Eiji Okamoto,School of information science Some combinatorial problems of
importance to Cryptography
T.Isaiyarasi, Dr.K.Sankarasubramanian , “A New Multiparty Key Agreement Protocol Using
Search Problems in Discrete Heisenberg Group” ,Indian Journal Of Computer Science and
Engineering, Volume 3 ,Issue 1 ,Page No.159- 168.EISSn 0976 – 5166 ,Print ISSN : 2231 3850
Vladmir Shplrain and Alexander Ushakov, A new Key Exchange Protocol based on the
decomposition problem .2000 Mathematics Subject classification classification
94A60,20F05,20F06,68P5
Vladmir Shplrain and Gabrial Zapata, Using the subgroup membership search problem
in public key cryptography, www.sci.ccny.cuny.edu/~shpil/crypmemb.pdf
Yesem Kurt, A new key exchange primitive based on the triple decomposition problem
eprint.iacr.org/cryptodb/data/paper.pp?
Zhaohui Cheng, Luminita Vasiu and Richard Comley proposed Pairing- Based One –Round
Tripartite Key Agreement Protocol.
Samir Elouaham, Rachid Latif, Boujemaa Nassiri, Azzedine Dliou, Mostafa Laaboubi And
Fadel Maoulainine, “Analysis Electrocardiogram Signal Using Ensemble Empirical Mode
Decomposition And Time-Frequency Techniques”, International Journal of Computer
Engineering & Technology (IJCET), Volume 4, Issue 2, 2013, pp. 275 - 289, ISSN Print:
0976 – 6367, ISSN Online: 0976 – 6375, Published by IAEME.
Aarti Bairagi and Shweta Yadav, “A New Parameter Proposed For Route Selection In
Routing Protocol For Manet”, International Journal of Computer Engineering & Technology
(IJCET), Volume 4, Issue 1, 2013, pp. 31 - 37, ISSN Print: 0976 – 6367, ISSN Online: 0976
– 6375, Published by IAEME
Wategaonkar D.N and Deshpande V.S., “On Improvement Of Performance For Transport
Protocol Using Sectoring Scheme In WSN”, International Journal of Computer Engineering
& Technology (IJCET), Volume 4, Issue 4, 2013, pp. 275 - 281, ISSN Print: 0976 – 6367,
ISSN Online: 0976 – 6375, Published by IAEME
Saloni Singla And Tripatjot Singh Panag., “Evaluating The Performance Of Manet Routing
Protocols”, International Journal of Computer Engineering & Technology (IJCET), Volume
4, Issue 1, 2013, pp. 125 - 130, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375,
Published by IAEME

15

50120130406002

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (7)

Destaque

Destaque (20)

Semelhante a 50120130406002

Semelhante a 50120130406002 (20)

Mais de IAEME Publication

Mais de IAEME Publication (20)

Último

Último (20)

50120130406002