We are studying the agreement of authenticated group keys in peer networks for data sharing. First, we propose a new password-based authenticated group key memorandum of understanding with key confirmation. We present a formal explanation of its security in a variant of the security model of Bresson et al., adapted for the password-based setting. A discussion on the limitations of our protocol in case of group size will be presented. We finish the paper with an improved version of the protocol that uses a CAPTCHA technique that has been designed to make it more robust against online password attacks. Group key agreement (GKA) protocols allow participants to deduce a key based on each other`s contribution through a public network without a central authority. They also offer effective ways to change the key when participants change. While some of the proposed GKA protocols are too resource-intensive for Constraint devices, which are often present on ad hoc networks, others do not have a formal security analysis. In this article, we propose a simple, efficient and secure GKA protocol, which is well suited to ad hoc networks, and present the results of our implementation in a prototype application. His research interests are middleware and software architectures for distributed mobile systems. Valérie Issarny obtained her PhD in Computer Science at the University of Rennes I in 1991 and 1997 and graduated in Computer Science. She is currently a Senior Research Scientist at INRIA.
Since 2002, she has been head of the ArLES INRIA research team at INRIA-Rocquencourt. Their research interests include distributed systems, software architectures, mobile systems and middleware. She chairs the Executive Committee of the AIR&D consortium for ambient intelligence research and development. For more information on Valérie`s research interests and publications, please contact www-rocq.inria.fr/arles/members/issarny.html. His research interests are cryptography, security protocols and ad hoc networks. He is interested in coding and cryptography and the interactions between these two fields. Raghav Bhaskar obtained his Master of Technology in Mathematics and Computer Science in 2001 from the Indian Institute of Technology, Delhi, India. After brief stints at Novell Software and British Telecom Research, he began his PhD at INRIA, Rocquencourt, France, in 2003. ACNS 2006: Applied Cryptography and Network Security, pp. 162-177 | Cite as Daniele Sacchetti was a computer science student at the Faculty of Computer Science in Bologna, where he obtained his master`s degree in computer science. Daniele is a research engineer at the French National Institute for Research in Computer Science and Control, within the Arles team. .